any.run Open in urlscan Pro
2606:4700:10::6816:304a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-...
Submission: On August 05 via manual (August 5th 2023, 8:05:36 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 44 HTTP transactions. The main IP is 2606:4700:10::6816:304a, located in United States and belongs to CLOUDFLARENET, US. The main domain is any.run. The Cisco Umbrella rank of the primary domain is 157225.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 13th 2022. Valid for: a year.

This is the only time any.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:10:... 2606:4700:10::6816:304a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2600:9000:230... 2600:9000:2304:7000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
44	15

26 2606:4700:10::6816:304a (United States)

ASN13335 (CLOUDFLARENET, US)

any.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.any.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.any.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cllctr.any.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:7000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	any.run any.run — Cisco Umbrella Rank: 157225 counter.any.run — Cisco Umbrella Rank: 493551 content.any.run — Cisco Umbrella Rank: 466041 cllctr.any.run — Cisco Umbrella Rank: 572659	1 MB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 391 www.linkedin.com — Cisco Umbrella Rank: 539 px4.ads.linkedin.com — Cisco Umbrella Rank: 6039	6 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5576	669 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 115 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	2 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2577 www.google.com — Cisco Umbrella Rank: 3	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	177 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 704	395 B
1	t.co t.co — Cisco Umbrella Rank: 522	377 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 870	374 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 725	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 166	2 KB
44	13

	Domain	Requested by
13	any.run	any.run
9	content.any.run	any.run
3	www.google.de	any.run
3	px.ads.linkedin.com	3 redirects
2	cllctr.any.run	counter.any.run cllctr.any.run
2	www.google.com	1 redirects any.run
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter.any.run	any.run counter.any.run
2	www.googletagmanager.com	any.run www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	any.run
1	t.co	any.run
1	px4.ads.linkedin.com	any.run
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
44	20

This site contains links to these domains. Also see Links.

Domain
app.any.run
api.any.run

Subject Issuer	Validity	Valid
any.run Cloudflare Inc ECC CA-3	`2022-09-13` - `2023-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
Frame ID: B9481A2F4B8E0083EC78B9487D20F1B9
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware analysis https://downloadonelaunchnow.com Malicious activity | ANY.RUN - Malware Sandbox Online

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

44
Requests

95 %
HTTPS

69 %
IPv6

13
Domains

20
Subdomains

15
IPs

3
Countries

1739 kB
Transfer

3087 kB
Size

20
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://app.any.run/#register
Title: Sign up, it’s free

Search URL Search Domain Scan URL

URL: https://api.any.run/report/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/summary/html

Search URL Search Domain Scan URL

URL: https://app.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
Title: https://app.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4331876%26time%3D1691265931686%26url%3Dhttps%253A%252F%252Fany.run%252Freport%252Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%252Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&cookiesTest=true&liSync=true&e_ipv6=AQJKwIqteTGRXwAAAYnHThxGnZdAfBBFBwQ9odvRndsxf6hoS-ai2eg683MDoStityrss89P

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&auid=404457292.1691265932&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i6vOZIWCLvSD7_UPzJKamAI&sscte=1&crd=&eitems=ChEI8Oa3pgYQtN3ahvH0xYrYARIdAKoMjKhZO6R0OlP5sea2nUanx2OycEVceD6zy38&pscrd=Ek5DaEVJOE9hM3BnWVEwTG1UbU1YWXFxV2tBUklsQU13c0dvd1pETk5SY3NOWkJyZVdLSXN2T0pHTGo5VTI0U2FSRi14ZVZhOHo1N2t4bXcaV0NoQUk4T2EzcGdZUXBwSHF3ZU9zLV9kYkVpMEFsWWI1bWl3SmJ1N1Rwdmpsa2ZjR2xXNmt5dWJTMmxUQzVyVnIxTk5FZVprSVhRdWdwNkppZUFmOHgxUSITCMXz1MioxoADFfTBuwgdTIkGIw HTTP 302
https://www.google.com/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&auid=404457292.1691265932&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9hM3BnWVEwTG1UbU1YWXFxV2tBUklsQU13c0dvd1pETk5SY3NOWkJyZVdLSXN2T0pHTGo5VTI0U2FSRi14ZVZhOHo1N2t4bXcaV0NoQUk4T2EzcGdZUXBwSHF3ZU9zLV9kYkVpMEFsWWI1bWl3SmJ1N1Rwdmpsa2ZjR2xXNmt5dWJTMmxUQzVyVnIxTk5FZVprSVhRdWdwNkppZUFmOHgxUSITCMXz1MioxoADFfTBuwgdTIkGIw&is_vtc=1&ocp_id=i6vOZIWCLvSD7_UPzJKamAI&eitems=ChEI8Oa3pgYQtN3ahvH0xYrYARIdAKoMjKhLblV7RVv9BPHvD_ncPFLVP5pZ5C4uvcU&random=2881562151 HTTP 302
https://www.google.de/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&auid=404457292.1691265932&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9hM3BnWVEwTG1UbU1YWXFxV2tBUklsQU13c0dvd1pETk5SY3NOWkJyZVdLSXN2T0pHTGo5VTI0U2FSRi14ZVZhOHo1N2t4bXcaV0NoQUk4T2EzcGdZUXBwSHF3ZU9zLV9kYkVpMEFsWWI1bWl3SmJ1N1Rwdmpsa2ZjR2xXNmt5dWJTMmxUQzVyVnIxTk5FZVprSVhRdWdwNkppZUFmOHgxUSITCMXz1MioxoADFfTBuwgdTIkGIw&is_vtc=1&ocp_id=i6vOZIWCLvSD7_UPzJKamAI&eitems=ChEI8Oa3pgYQtN3ahvH0xYrYARIdAKoMjKhLblV7RVv9BPHvD_ncPFLVP5pZ5C4uvcU&random=2881562151&ipr=y

44 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request f0628bd4-0cda-41ff-8a57-a68796ae8ed9 Show response
any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/ 554 KB
63 KB 1448ms
1404ms Document
text/html 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a1ac713e0a26212cce602a2f1d31729ab22d63754b610d74f2c249fdf5d1e056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7f21a7badd8bbb71-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 05 Aug 2023 20:05:30 GMT
last-modified: Sat, 05 Aug 2023 20:05:29 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Express

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
87 KB 152ms
66ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0aa08cde2b2ec61b1f4e38066b2b7900456b738e47cffb57eb764d959400b0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88786
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Aug 2023 20:05:30 GMT

GET
H2 200 init Show response
counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/ 109 KB
35 KB 343ms
323ms Script
application/javascript 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/init?referrer=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9
Requested by: Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889b3793e6fbadb941a97e1a04fd4f76fea41dc15dee3b9d4706a2273c0f684f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7f21a7c40b15bb71-FRA

GET
H2 200 app.a6d5c203515847d4.js Show response
any.run/report/assets/js/ 289 KB
109 KB 59ms
59ms Script
application/javascript 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/js/app.a6d5c203515847d4.js

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3e8f974b49bd4a1a41b5a9a71a2585ba51853e257322d5a9d27756a984ee2c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"485f6-189b50a27e8"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
cf-ray: 7f21a7c3faf7bb71-FRA

GET
H2 200 app.cc221c82.css
any.run/report/assets/css/ 197 KB
116 KB 28ms
28ms Stylesheet
text/css 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/css/app.cc221c82.css

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1bbd5464ccd9123032a1480b0f7ad308b155ad0c3bce93311956682e1d7a2bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3150d-189b50a27e8"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
cf-ray: 7f21a7c3faf5bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/8a8838be-eca3-4dbe-8275-0ea347c55e2a/ 55 KB
56 KB 113ms
94ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/8a8838be-eca3-4dbe-8275-0ea347c55e2a/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe467584a83742bfbbffc9b7bd765775e49e7ba7e2704e4f2155087cda572214

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="8a8838be-eca3-4dbe-8275-0ea347c55e2a.jpeg"
cf-ray: 7f21a7c41b43bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/2d0367f2-220d-406b-b644-4f18fa56acdc/ 29 KB
29 KB 131ms
111ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/2d0367f2-220d-406b-b644-4f18fa56acdc/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7687da4e805ef82da50ec5e09c39f42d8d46ce4d782797e519a38e9f1e6458ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="2d0367f2-220d-406b-b644-4f18fa56acdc.jpeg"
cf-ray: 7f21a7c42b4dbb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/af48d55b-c6ee-4106-8073-ecc2fd942873/ 56 KB
56 KB 140ms
121ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/af48d55b-c6ee-4106-8073-ecc2fd942873/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df998520cd3d94be2383323a85f6b915450f609fa8347e4c9d30d1e88783c285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="af48d55b-c6ee-4106-8073-ecc2fd942873.jpeg"
cf-ray: 7f21a7c42b49bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/968ab08e-6dfd-48bb-98de-53bd80cc33a0/ 63 KB
63 KB 135ms
116ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/968ab08e-6dfd-48bb-98de-53bd80cc33a0/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0845368579ca2a9296b0764c4f8681aeed9e1154d743f3878bda44f49b7667ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="968ab08e-6dfd-48bb-98de-53bd80cc33a0.jpeg"
cf-ray: 7f21a7c42b53bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/e2f58c7b-4ecb-488c-bccf-0476873e07c4/ 38 KB
38 KB 119ms
100ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/e2f58c7b-4ecb-488c-bccf-0476873e07c4/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6275c42fdab14b7520f900e2ba12e17ee111e8cfc39a04fe0271d36e16c4247a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="e2f58c7b-4ecb-488c-bccf-0476873e07c4.jpeg"
cf-ray: 7f21a7c42b51bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/4d3adb34-3c32-4fdb-ac9d-485b8c574e79/ 28 KB
28 KB 121ms
102ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/4d3adb34-3c32-4fdb-ac9d-485b8c574e79/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4a06b8b67fc7958a6f7133041d8a808f960e25e1ec31914f3cbfe152a205e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="4d3adb34-3c32-4fdb-ac9d-485b8c574e79.jpeg"
cf-ray: 7f21a7c42b55bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/d757be75-c3be-4e81-a745-5fc62c4b990e/ 29 KB
29 KB 98ms
98ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/d757be75-c3be-4e81-a745-5fc62c4b990e/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead29f52a9064d3282d1d01b5973ca7b26dd117ce656d649ad9d07466d261f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="d757be75-c3be-4e81-a745-5fc62c4b990e.jpeg"
cf-ray: 7f21a7c4cc99bb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/dcb816a3-f4c9-455d-b024-1445c0020e0e/ 32 KB
32 KB 97ms
97ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/dcb816a3-f4c9-455d-b024-1445c0020e0e/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0930b51436cb405f019ae8b2cf6e9adfa081ea52a8a52dba76d0fea721536639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="dcb816a3-f4c9-455d-b024-1445c0020e0e.jpeg"
cf-ray: 7f21a7c4cc9dbb71-FRA

GET
H2 200 image.jpeg
content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/ba8019e4-4088-4678-9fdc-52ff8d7301c3/ 30 KB
30 KB 101ms
101ms Image
image/jpeg 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.any.run/tasks/f0628bd4-0cda-41ff-8a57-a68796ae8ed9/download/screens/ba8019e4-4088-4678-9fdc-52ff8d7301c3/image.jpeg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69a81ead66b7923dd6aa16470c054788882df78dfc04b1ce5143952fc16d4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: attachment; filename="ba8019e4-4088-4678-9fdc-52ff8d7301c3.jpeg"
cf-ray: 7f21a7c4cc9fbb71-FRA

GET
H2 200 icon-sprite.svg
any.run/report/assets/sprites/ 17 KB
7 KB 58ms
58ms Other
image/svg+xml 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/sprites/icon-sprite.svg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a248f59eff82ff05cb1823e5a07acaab2ab46b249f67d1ad4b5dcc0bfb0aaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4391-189b50a27e8"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0
cf-ray: 7f21a7c43b9cbb71-FRA

GET
H2 200 icon-sprite-indicators.svg
any.run/report/assets/sprites/ 31 KB
12 KB 26ms
26ms Other
image/svg+xml 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/sprites/icon-sprite-indicators.svg

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

32df85782160af3169efa0b98748e4f6284b54a6fd70d107f88900b65b914924

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7d20-189b50a27e8"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0
cf-ray: 7f21a7c44ba3bb71-FRA

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0195ef163a9b3a1f2238dbbc3bc9da48ffaadb69fcc70da321786fb16af47d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 169c379630e11371c1fe01c01425bc3852e070d00092a96444dafe6aeaeab0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d00b597a4d6cbdd084691abdda9f2584bdc283c9605df75de2b450e7a761078f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 949 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ecd3329eb7900e5c1726e5708b654d537ea56724bc8d70defcdb5ffaea57f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cff99158b3de319f0cdfb69a7b8c3cdc100ef4f6c89c0b3acc1ac69c1c54beca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d933aedb59e5df35e8dc8d85881881efa1382db7ae06aded22ac2907dae149e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef11c02f92f7cd7c2c9287da13c5744bcdc65492d29d9a4aac11f5e7e586aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 banner-noise.9560c417.png
any.run/report/assets/img/ 391 KB
392 KB 58ms
57ms Image
image/png 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://any.run/report/assets/img/banner-noise.9560c417.png

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6fecbbb48e5b78c68a38e3ee65de6413316a143a897af27e7139dc80cd4dfb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/assets/css/app.cc221c82.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"61d13-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c45be7bb71-FRA
content-length: 400659

GET
H2 200 banner-gradient.f1e18ad3.png
any.run/report/assets/img/ 22 KB
22 KB 34ms
34ms Image
image/png 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://any.run/report/assets/img/banner-gradient.f1e18ad3.png

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6daeab45fd786e2b5d407327f9794e202db74fa40cfba7fb31ceed48b2c9d8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/assets/css/app.cc221c82.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"5699-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c45be8bb71-FRA
content-length: 22169

GET
H2 200 banner-map.6f8aefee.png
any.run/report/assets/img/ 306 KB
306 KB 36ms
35ms Image
image/png 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://any.run/report/assets/img/banner-map.6f8aefee.png

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

afab570a6ac8f15e13720c647b50edeb96ba88d1204277c379c53b0b19ec2623

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/report/assets/css/app.cc221c82.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4c655-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c45beabb71-FRA
content-length: 312917

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 montserrat-latin-wght-normal.bbd0be5a.woff2
any.run/report/assets/fonts/ 30 KB
30 KB 27ms
26ms Font
font/woff2 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/fonts/montserrat-latin-wght-normal.bbd0be5a.woff2

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://any.run/report/assets/css/app.cc221c82.css
Origin: https://any.run
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"78d0-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c48c33bb71-FRA
content-length: 30928

GET
H2 200 teko-latin-700-normal.afc4bdf9.woff2
any.run/report/assets/fonts/ 13 KB
13 KB 30ms
29ms Font
font/woff2 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/fonts/teko-latin-700-normal.afc4bdf9.woff2

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://any.run/report/assets/css/app.cc221c82.css
Origin: https://any.run
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"326c-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c48c38bb71-FRA
content-length: 12908

GET
H2 200 roboto-latin-700-normal.71b2beb8.woff2
any.run/report/assets/fonts/ 15 KB
16 KB 38ms
37ms Font
font/woff2 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/fonts/roboto-latin-700-normal.71b2beb8.woff2

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://any.run/report/assets/css/app.cc221c82.css
Origin: https://any.run
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3df4-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c48c39bb71-FRA
content-length: 15860

GET
H2 200 roboto-latin-500-normal.3170fd9a.woff2
any.run/report/assets/fonts/ 16 KB
16 KB 46ms
45ms Font
font/woff2 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/fonts/roboto-latin-500-normal.3170fd9a.woff2

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://any.run/report/assets/css/app.cc221c82.css
Origin: https://any.run
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3e30-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c48c3abb71-FRA
content-length: 15920

GET
H2 200 roboto-latin-400-normal.f2894edc.woff2
any.run/report/assets/fonts/ 15 KB
15 KB 51ms
51ms Font
font/woff2 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://any.run/report/assets/fonts/roboto-latin-400-normal.f2894edc.woff2

Requested by

Host: any.run
URL: https://any.run/report/assets/css/app.cc221c82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://any.run/report/assets/css/app.cc221c82.css
Origin: https://any.run
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Aug 2023 06:58:09 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3d80-189b50a27e8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7f21a7c48c3bbb71-FRA
content-length: 15744

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 131ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Aug 2023 19:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 946
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 05 Aug 2023 21:49:45 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/977045639/ 3 KB
2 KB 163ms
57ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/977045639/?random=1691265931622&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&bttype=purchase&auid=404457292.1691265932&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cf82ea7c5185c274dd3775ae90655e9bf863cd7362651c994df08c753f945722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1761
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 44ms
9ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=54971
accept-ranges: bytes
content-length: 4862

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 41ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230028-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
90 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-53KB74YDZR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSC8CSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4963280cbd87ff3cbf21d4dc50125cb5e5db5273cbfb5a109519e5c5c028d3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 05 Aug 2023 20:05:31 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4331876/domain/any.run/ 36 B
374 B 143ms
61ms XHR
application/json 2600:9000:2304:7000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4331876/domain/any.run/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:7000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://any.run/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:04:29 GMT
content-encoding: gzip
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 62
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 27e9vnrKMg7h2ViQRDQNbxuTdoqMAE62Ch16Ks8gDhM1dAWljA404A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-4...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-4...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4331876%26time%3D1691265931686%26url%3Dhttps%253A%252F%252Fany.run%252Freport%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-4...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-...

0
481 B

257ms
179ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&cookiesTest=true&liSync=true&e_ipv6=AQJKwIqteTGRXwAAAYnHThxGnZdAfBBFBwQ9odvRndsxf6hoS-ai2eg683MDoStityrss89P
Requested by: Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:05:32 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3CA7031FD7FE4D37BB8A4BA6131F8AE0 Ref B: FRAEDGE1721 Ref C: 2023-08-05T20:05:32Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCMokimVEWrRvP8nC8Vg==

Redirect headers

date: Sat, 05 Aug 2023 20:05:31 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EDA36B148F464AC7A33429CFA351B442 Ref B: FRAEDGE1817 Ref C: 2023-08-05T20:05:32Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4331876&time=1691265931686&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&cookiesTest=true&liSync=true&e_ipv6=AQJKwIqteTGRXwAAAYnHThxGnZdAfBBFBwQ9odvRndsxf6hoS-ai2eg683MDoStityrss89P
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCMokeWVA4FySMo9X//A==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 141ms
116ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=71bb5663-d565-4cf9-ac54-25d8229ca4e9&events=%5B%5B%22pageview%22%2C%7B%22value%22%3A%2210%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0a467eea-28c3-4b2a-a07c-a7bcc2087b1e&tw_document_href=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=10&txn_id=o6any&type=javascript&version=2.3.29

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8ca755188bb4ebea
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 337fe6db9814c330bbf1e10f98e8e02ece191ee157f2e850704634dfa74e4718
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 235ms
196ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=71bb5663-d565-4cf9-ac54-25d8229ca4e9&events=%5B%5B%22pageview%22%2C%7B%22value%22%3A%2210%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0a467eea-28c3-4b2a-a07c-a7bcc2087b1e&tw_document_href=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=10&txn_id=o6any&type=javascript&version=2.3.29

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 189
date: Sat, 05 Aug 2023 20:05:30 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ba716505c9dad2c7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f8860cd12769e17b712f72650c0c44c73ec582fed65ae4605cb76662a6bd9044
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 50ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-53KB74YDZR&gtm=45je3820&_p=1649520292&_gaz=1&cid=1566437746.1691265932&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691265931&sct=1&seg=0&dl=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&dt=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-53KB74YDZR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://any.run
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-53KB74YDZR&cid=1566437746.1691265932&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-53KB74YDZR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://any.run
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 158ms
63ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-53KB74YDZR&cid=1566437746.1691265932&gtm=45je3820&aip=1&z=1587795395

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 addVisit Show response
counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/ 2 KB
817 B 342ms
342ms Script
application/javascript 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/addVisit?v=304&marker=&visit=0&first_visit=&guid=undefined&phone_prefix=&phone_prefix_bind=&phone_scripts_bind=&referrer=&page=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&ab=&hash=OS%60%40c%40ECr%18N%40Hl%13BN~%1ARf%40o_dnk%1Adn%7F%19g%40ASf%40o%18e~oSd%40%7F%1FgPcCL%7B%17%17
Requested by: Host: counter.any.run
URL: https://counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/init?referrer=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b980133e7ac30fd0b6940613f5a08f76959e070504819e104c672308ef5f82ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:32 GMT
content-encoding: gzip
xdomainrequestallowed: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7f21a7c9cc19bb71-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 46ms
45ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1649520292&t=pageview&_s=1&dl=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&ul=en-us&de=UTF-8&dt=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1096449297&gjid=1739117411&cid=1566437746.1691265932&tid=UA-85156687-1&_gid=458702967.1691265932&_r=1&_slc=1&gtm=45He3820n81NSC8CSS&z=932274777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://any.run/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://any.run
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/977045639/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany....
https://www.google.com/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804d...
https://www.google.de/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da...

42 B
154 B

54ms
54ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&auid=404457292.1691265932&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9hM3BnWVEwTG1UbU1YWXFxV2tBUklsQU13c0dvd1pETk5SY3NOWkJyZVdLSXN2T0pHTGo5VTI0U2FSRi14ZVZhOHo1N2t4bXcaV0NoQUk4T2EzcGdZUXBwSHF3ZU9zLV9kYkVpMEFsWWI1bWl3SmJ1N1Rwdmpsa2ZjR2xXNmt5dWJTMmxUQzVyVnIxTk5FZVprSVhRdWdwNkppZUFmOHgxUSITCMXz1MioxoADFfTBuwgdTIkGIw&is_vtc=1&ocp_id=i6vOZIWCLvSD7_UPzJKamAI&eitems=ChEI8Oa3pgYQtN3ahvH0xYrYARIdAKoMjKhLblV7RVv9BPHvD_ncPFLVP5pZ5C4uvcU&random=2881562151&ipr=y

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/977045639/?random=1812691548&cv=11&fst=1691265931622&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9&label=cEjgCOiqrcACEIeR8tED&hn=www.googleadservices.com&frm=0&tiba=Malware%20analysis%20https%3A%2F%2Fdownloadonelaunchnow.com%20Malicious%20activity%20%7C%20ANY.RUN%20-%20Malware%20Sandbox%20Online&value=0&auid=404457292.1691265932&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9hM3BnWVEwTG1UbU1YWXFxV2tBUklsQU13c0dvd1pETk5SY3NOWkJyZVdLSXN2T0pHTGo5VTI0U2FSRi14ZVZhOHo1N2t4bXcaV0NoQUk4T2EzcGdZUXBwSHF3ZU9zLV9kYkVpMEFsWWI1bWl3SmJ1N1Rwdmpsa2ZjR2xXNmt5dWJTMmxUQzVyVnIxTk5FZVprSVhRdWdwNkppZUFmOHgxUSITCMXz1MioxoADFfTBuwgdTIkGIw&is_vtc=1&ocp_id=i6vOZIWCLvSD7_UPzJKamAI&eitems=ChEI8Oa3pgYQtN3ahvH0xYrYARIdAKoMjKhLblV7RVv9BPHvD_ncPFLVP5pZ5C4uvcU&random=2881562151&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85156687-1&cid=1566437746.1691265932&jid=1096449297&gjid=1739117411&_gid=458702967.1691265932&_u=YCDACEAABAAAACAAI~&z=1764534943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://any.run/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Aug 2023 20:05:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://any.run
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 161ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85156687-1&cid=1566437746.1691265932&jid=1096449297&_u=YCDACEAABAAAACAAI~&z=973753961

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 65ms
62ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85156687-1&cid=1566437746.1691265932&jid=1096449297&_u=YCDACEAABAAAACAAI~&z=973753961

Requested by

Host: any.run
URL: https://any.run/report/bf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3/f0628bd4-0cda-41ff-8a57-a68796ae8ed9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counter_eu.js Show response
cllctr.any.run/ 6 KB
3 KB 133ms
114ms Script
application/javascript 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cllctr.any.run/counter_eu.js
Requested by: Host: counter.any.run
URL: https://counter.any.run/api/site/1.0/4d8ecbfc8e4f61056a34ee802f0aeb27/init?referrer=https%3A%2F%2Fany.run%2Freport%2Fbf804da93cf53cc55783cb3aedd3ed489e919273e678fd059bbe5295278a7da3%2Ff0628bd4-0cda-41ff-8a57-a68796ae8ed9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cc59439c4b4bde58e60eae201a82b8fe7b39afc4f1102812121a08ea383a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:32 GMT
content-encoding: gzip
cf-cache-status: BYPASS
last-modified: Mon, 28 Nov 2022 15:45:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7f21a7cf3c60bb71-FRA

GET
H2 200 Y291bnRlcl9pZD00ZDhlY2JmYzhlNGY2MTA1NmEzNGVlODAyZjBhZWIyNyZwYWdlPWh0dHBzJTNBJTJGJTJGYW55LnJ1biUyRnJlcG9ydCUyRmJmODA0ZGE5M2NmNTNjYzU1NzgzY2IzYWVkZDNlZDQ4OWU5MTkyNzNlNjc4ZmQwNTliYmU1Mjk1Mjc4YTdkYTMlM... Show response
cllctr.any.run/stream/view/-/ 58 B
179 B 106ms
105ms Script
text/plain 2606:4700:10::6816:304a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cllctr.any.run/stream/view/-/Y291bnRlcl9pZD00ZDhlY2JmYzhlNGY2MTA1NmEzNGVlODAyZjBhZWIyNyZwYWdlPWh0dHBzJTNBJTJGJTJGYW55LnJ1biUyRnJlcG9ydCUyRmJmODA0ZGE5M2NmNTNjYzU1NzgzY2IzYWVkZDNlZDQ4OWU5MTkyNzNlNjc4ZmQwNTliYmU1Mjk1Mjc4YTdkYTMlMkZmMDYyOGJkNC0wY2RhLTQxZmYtOGE1Ny1hNjg3OTZhZThlZDkmY29va2llPV9nY2xfYXUlM0QxLjEuNDA0NDU3MjkyLjE2OTEyNjU5MzIlM0IlMjBfZ2FfNTNLQjc0WURaUiUzREdTMS4xLjE2OTEyNjU5MzEuMS4wLjE2OTEyNjU5MzEuNjAuMC4wJTNCJTIwX2dhJTNER0ExLjIuMTU2NjQzNzc0Ni4xNjkxMjY1OTMyJTNCJTIwX2dpZCUzREdBMS4yLjQ1ODcwMjk2Ny4xNjkxMjY1OTMyJTNCJTIwX2dhdF9VQS04NTE1NjY4Ny0xJTNEMSUzQiUyMGxuX29yJTNEZXlJME16TXhPRGMySWpvaVpDSjklM0IlMjBtYV92aXNpdCUzRDcyMDc0NzMlM0IlMjBtYV9maXJzdF92aXNpdCUzRDcyMDc0NzMlM0IlMjBtYV9jb29raWVzX3RvX3Jlc2F2ZSUzRG1hX2FiJTI1MkNtYV9hYl9zdWJtaXQlMjUyQ21hX3Zpc2l0JTI1MkNtYV9maXJzdF92aXNpdCZob3N0PWFueS5ydW4mdmlzaXRfaWQ9NzIwNzQ3MyZwaG9uZT0=
Requested by: Host: cllctr.any.run
URL: https://cllctr.any.run/counter_eu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:304a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97c41a2a93adaf52208d0d1a0d9cd14c1de625c48066bee12c23ebaf9060fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://any.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 20:05:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7f21a7d12f0cbb71-FRA

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.any.run/	1970-01-20 15:57:21	Name: _gcl_au Value: 1.1.404457292.1691265932
.any.run/	1970-01-20 23:23:45	Name: _ga_53KB74YDZR Value: GS1.1.1691265931.1.0.1691265931.60.0.0
.any.run/	1970-01-20 23:23:45	Name: _ga Value: GA1.2.1566437746.1691265932
.any.run/	1970-01-20 13:49:12	Name: _gid Value: GA1.2.458702967.1691265932
.any.run/	1970-01-20 13:47:45	Name: _gat_UA-85156687-1 Value: 1
any.run/	1970-01-20 13:49:12	Name: ln_or Value: eyI0MzMxODc2IjoiZCJ9
.t.co/	1970-01-20 23:23:45	Name: muc_ads Value: 4781f527-820b-41d6-b9ba-c57c86badd86
.linkedin.com/	1970-01-20 15:57:21	Name: li_sugr Value: 87929235-8ec8-46e1-b979-2b4313c0fdb1
.linkedin.com/	1970-01-20 22:33:21	Name: bcookie Value: "v=2&9698bc09-9ddb-4a19-8ce9-6a3ddbb4e947"
.linkedin.com/	1970-01-20 13:49:12	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2973:u=1:x=1:i=1691265931:t=1691352331:v=2:sig=AQHqkLoxhcDcawFzPMjwlUQNJGkg9Ezq"
.twitter.com/	1970-01-20 23:23:45	Name: personalization_id Value: "v1_6JysuFdHmRLY2e4B3TYl0g=="
.doubleclick.net/	1970-01-20 13:47:46	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 14:30:57	Name: UserMatchHistory Value: AQLX6hovZW8higAAAYnHThrdTbl0ide6hZku86G45AxTdmv-Qgul2kEmSBTivMRFxL88ou7kvh3LRA
.linkedin.com/	1970-01-20 14:30:57	Name: AnalyticsSyncHistory Value: AQKYQKQVthyhCAAAAYnHThrdP9eFsuE7nSs0xL8ULJqvvrqSe_e8qDRMdg4xe1jJ74xG70Yh6kmrOHg6LREOfQ
.any.run/	1970-01-20 14:07:55	Name: ma_visit Value: 7207473
.any.run/	1970-01-20 23:23:45	Name: ma_first_visit Value: 7207473
any.run/	1969-12-31 23:59:59	Name: ma_cookies_to_resave Value: ma_ab%2Cma_ab_submit%2Cma_visit%2Cma_first_visit
.www.linkedin.com/	1970-01-20 22:33:21	Name: bscookie Value: "v=1&2023080520053284c256d1-c7f5-4057-8cd7-f8c832da083bAQEEbVxuOfD9-4VX7WyqcNQiQWxB8Ozv"
.linkedin.com/	1970-01-20 18:06:57	Name: li_gc Value: MTswOzE2OTEyNjU5MzI7MjswMjHIVXMmsDVC5Ds+LgzKM08twroQFyT9G4GquC607WQFrA==
any.run/	1970-01-20 23:23:45	Name: ___dc Value: 846f0d04-d016-4994-a8b9-9731651a08e9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
any.run
cdn.linkedin.oribi.io
cllctr.any.run
content.any.run
counter.any.run
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.244.42.131
104.244.42.133
13.107.42.14
142.250.184.226
146.75.116.157
2001:4860:4802:32::36
2600:9000:2304:7000:2:53b2:240:93a1
2606:4700:10::6816:304a
2620:1ec:21::14
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a02:26f0:480:f::213:7edd
0845368579ca2a9296b0764c4f8681aeed9e1154d743f3878bda44f49b7667ac
0930b51436cb405f019ae8b2cf6e9adfa081ea52a8a52dba76d0fea721536639
0aa08cde2b2ec61b1f4e38066b2b7900456b738e47cffb57eb764d959400b0fe
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
169c379630e11371c1fe01c01425bc3852e070d00092a96444dafe6aeaeab0f2
1bbd5464ccd9123032a1480b0f7ad308b155ad0c3bce93311956682e1d7a2bf6
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
32df85782160af3169efa0b98748e4f6284b54a6fd70d107f88900b65b914924
3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a
3e8f974b49bd4a1a41b5a9a71a2585ba51853e257322d5a9d27756a984ee2c7f
4963280cbd87ff3cbf21d4dc50125cb5e5db5273cbfb5a109519e5c5c028d3d3
6275c42fdab14b7520f900e2ba12e17ee111e8cfc39a04fe0271d36e16c4247a
63ecd3329eb7900e5c1726e5708b654d537ea56724bc8d70defcdb5ffaea57f2
6b4a06b8b67fc7958a6f7133041d8a808f960e25e1ec31914f3cbfe152a205e4
6daeab45fd786e2b5d407327f9794e202db74fa40cfba7fb31ceed48b2c9d8d2
6fecbbb48e5b78c68a38e3ee65de6413316a143a897af27e7139dc80cd4dfb77
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7687da4e805ef82da50ec5e09c39f42d8d46ce4d782797e519a38e9f1e6458ce
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889b3793e6fbadb941a97e1a04fd4f76fea41dc15dee3b9d4706a2273c0f684f
9a248f59eff82ff05cb1823e5a07acaab2ab46b249f67d1ad4b5dcc0bfb0aaca
a1ac713e0a26212cce602a2f1d31729ab22d63754b610d74f2c249fdf5d1e056
a97c41a2a93adaf52208d0d1a0d9cd14c1de625c48066bee12c23ebaf9060fce
a9cc59439c4b4bde58e60eae201a82b8fe7b39afc4f1102812121a08ea383a67
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef11c02f92f7cd7c2c9287da13c5744bcdc65492d29d9a4aac11f5e7e586aa0
afab570a6ac8f15e13720c647b50edeb96ba88d1204277c379c53b0b19ec2623
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b980133e7ac30fd0b6940613f5a08f76959e070504819e104c672308ef5f82ac
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf82ea7c5185c274dd3775ae90655e9bf863cd7362651c994df08c753f945722
cff99158b3de319f0cdfb69a7b8c3cdc100ef4f6c89c0b3acc1ac69c1c54beca
d00b597a4d6cbdd084691abdda9f2584bdc283c9605df75de2b450e7a761078f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d933aedb59e5df35e8dc8d85881881efa1382db7ae06aded22ac2907dae149e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df998520cd3d94be2383323a85f6b915450f609fa8347e4c9d30d1e88783c285
e0195ef163a9b3a1f2238dbbc3bc9da48ffaadb69fcc70da321786fb16af47d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69a81ead66b7923dd6aa16470c054788882df78dfc04b1ce5143952fc16d4b3
ead29f52a9064d3282d1d01b5973ca7b26dd117ce656d649ad9d07466d261f90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fe467584a83742bfbbffc9b7bd765775e49e7ba7e2704e4f2155087cda572214

any.run Open in urlscan Pro 2606:4700:10::6816:304a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

69 %IPv6

13 Domains

20 Subdomains

15 IPs

3 Countries

1739 kBTransfer

3087 kBSize

20 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

any.run Open in urlscan Pro
2606:4700:10::6816:304a Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

69 %
IPv6

13
Domains

20
Subdomains

15
IPs

3
Countries

1739 kB
Transfer

3087 kB
Size

20
Cookies

44 HTTP transactions
11 data transactions