try.threatdown.com Open in urlscan Pro
3.79.251.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://try.threatdown.com/2024-state-of-malware/
Submission: On February 07 via api (February 7th 2024, 2:13:29 am UTC) from TR — Scanned from DE

Summary HTTP 89 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 89 HTTP transactions. The main IP is 3.79.251.47, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is try.threatdown.com.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.

This is the only time try.threatdown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	3.79.251.47 3.79.251.47	16509 (AMAZON-02) (AMAZON-02)
2	18.245.60.25 18.245.60.25	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:6000:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.66.233 192.0.66.233	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
9	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.158.205.16 18.158.205.16	16509 (AMAZON-02) (AMAZON-02)
2	18.245.46.89 18.245.46.89	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.17 18.66.97.17	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:c000:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4232:b45c:2ea4:feea:e8e2	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.194.81.74 35.194.81.74	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.161.97.117 18.161.97.117	16509 (AMAZON-02) (AMAZON-02)
89	30

3 3.79.251.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-79-251-47.eu-central-1.compute.amazonaws.com

try.threatdown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-25.fra60.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:6000:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.66.233 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.158.205.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-89.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-17.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c000:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:b45c:2ea4:feea:e8e2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.81.74 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 74.81.194.35.bc.googleusercontent.com

r3.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.97.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-117.mrs52.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cloudfront.net d9hhrg4mnvzow.cloudfront.net	325 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	155 KB
10	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3099 r3.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 68342	104 KB
8	malwarebytes.com go.malwarebytes.com — Cisco Umbrella Rank: 642421 www.malwarebytes.com — Cisco Umbrella Rank: 139481	142 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	449 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	37 KB
5	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 25753	66 KB
4	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4395 tag-logger.demandbase.com — Cisco Umbrella Rank: 4432 scripts.demandbase.com — Cisco Umbrella Rank: 10767	81 KB
4	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 14038	55 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	284 KB
3	threatdown.com try.threatdown.com	35 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1515 api.company-target.com — Cisco Umbrella Rank: 3815	3 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 22387	37 KB
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 14315	1 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1311	392 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738	98 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	304 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	256 B
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 12061	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	31 KB
89	23

	Domain	Requested by
13	d9hhrg4mnvzow.cloudfront.net	try.threatdown.com
12	cdn.cookielaw.org	try.threatdown.com cdn.cookielaw.org
9	dev.visualwebsiteoptimizer.com	try.threatdown.com dev.visualwebsiteoptimizer.com
6	go.malwarebytes.com	try.threatdown.com go.malwarebytes.com
5	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	x.clearbitjs.com	tag.clearbitscripts.com x.clearbitjs.com
4	www.google.com	try.threatdown.com www.gstatic.com www.google.com
3	www.googletagmanager.com	try.threatdown.com www.googletagmanager.com
3	try.threatdown.com	try.threatdown.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	fonts.gstatic.com	www.google.com
2	tag.demandbase.com	try.threatdown.com tag.demandbase.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.malwarebytes.com	try.threatdown.com
2	builder-assets.unbounce.com	try.threatdown.com
1	scripts.demandbase.com	tag.demandbase.com
1	app.clearbit.com	x.clearbitjs.com
1	r3.visualwebsiteoptimizer.com	try.threatdown.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	try.threatdown.com
1	s.company-target.com	tag.demandbase.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.de	try.threatdown.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	tag.clearbitscripts.com	try.threatdown.com
1	code.jquery.com	try.threatdown.com
89	30

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
www.onetrust.com

Subject Issuer	Validity	Valid
try.threatdown.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
go.malwarebytes.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
*.malwarebytes.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-10-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
clearbitjs.com Amazon RSA 2048 M01	`2023-03-17` - `2024-04-14`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.company-target.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
clearbit.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://try.threatdown.com/2024-state-of-malware/
Frame ID: E8A6828991A0430DF13497F855FAEBF3
Requests: 76 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 2E3352C1F1ADF806D4D733B2AE5F50E8
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdP4FkpAAAAAO6luyUOWiI6GDPC5qVN8E7FXvOq&co=aHR0cHM6Ly90cnkudGhyZWF0ZG93bi5jb206NDQz&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=t83guvozf41b
Frame ID: 6D7AB935BAD1144E12F7B8D70535E91F
Requests: 8 HTTP requests in this frame

Frame: https://go.malwarebytes.com/index.php/form/XDFrame
Frame ID: 1EB53B512AEC8AAEB5602961A9C82402
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2024 State of Malware | ThreatDown, powered by MalwarebytesBack ButtonSearch IconFilter Icon

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

89
Requests

98 %
HTTPS

45 %
IPv6

23
Domains

30
Subdomains

30
IPs

4
Countries

1807 kB
Transfer

4684 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e&C=1

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
try.threatdown.com/2024-state-of-malware/ 115 KB
19 KB 115ms
12ms Document
text/html 3.79.251.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.79.251.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-79-251-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b9af250ed57eca50337f383062a92bf7767387429808fd94f46bebc2e4eea68a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 18535
content-location: https://try.threatdown.com/2024-state-of-malware/
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 02:13:24 GMT
etag: "g:f39b6e011a5c4fa3ace27ff233a8f3b5"
link: <https://try.threatdown.com/2024-state-of-malware/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 9f8287c1-d373-4d90-a0dc-b4b0fa86fee1
x-unbounce-variant: g
x-unbounce-visitorid: f39b6e01-1a5c-4fa3-ace2-7ff233a8f3b5

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 40ms
7ms Stylesheet
text/css 18.245.60.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:43:46 GMT
content-encoding: gzip
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-version-id: GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW
x-amz-cf-pop: FRA60-P5
age: 4231779
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Fri, 15 Dec 2023 17:54:33 GMT
server: AmazonS3
etag: "65d94e355664eb0c202cee7db35a61b5"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BcAGTq8udUernpXF08Jpn0SIc9zPs9p0LWVciS4DfZ2xIKZpMJnBGg==

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 23ms
7ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://try.threatdown.com/
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 12469804
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-fra-etou8220118-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707272004.349724,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 133, 64797

GET
H/1.1 200
OK bbd2c1606ea463f3010917a5cf4e7db1ce886192.js Show response
try.threatdown.com/_ub/static/ts/ 43 KB
15 KB 7ms
7ms Script
application/javascript 3.79.251.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.threatdown.com/_ub/static/ts/bbd2c1606ea463f3010917a5cf4e7db1ce886192.js
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.79.251.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-79-251-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d6bd0181c47b7bd42a39889b5d7ca79527cdb8654329bb6c52efef5374ebab2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/2024-state-of-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:36:11 GMT
content-encoding: br
x-proxy-backend: <CACHE>
last-modified: Tue, 23 Jan 2024 21:39:19 GMT
age: 1222634
etag: W/"6dab2b26e443489d181f79064bd673e5"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript
x-cache: Hit
cache-control: public, max-age=31536000, immutable

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
94 KB 61ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f458f0abab0b6bf3bb4908c0a22d7d4c83ed1bdc30faf32a5623240009ddf371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 02:13:24 GMT

GET
H2 200 forms2.min.js Show response
go.malwarebytes.com/js/forms2/js/ 199 KB
67 KB 346ms
117ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: "880be1-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 85181d0c9b3a1e50-FRA
expires: Wed, 07 Feb 2024 06:13:24 GMT

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 3 KB
1 KB 221ms
185ms Script
application/javascript 2600:9000:214f:6000:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:6000:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

b8cad940bbe7be6642d4e6bd80946bb834b192a8e1f2fe89d4974562df589960

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
etag: W/"015b6bca7bea24a52c3c5eb111b0dd35"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: mH1oIG7CcGdS-SLkK5_kjub828mZ9indEreDtH21-1KfWazYXM3Ssg==

GET
H2 404 request-trial.min.js
www.malwarebytes.com/js/corporate/pages/ 0
0 131ms
99ms Script
text/html 192.0.66.233
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/corporate/pages/request-trial.min.js
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.233 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 02:13:24 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 8ms
7ms Script
application/javascript 18.245.60.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:02:07 GMT
content-encoding: gzip
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-version-id: 1Mvk4FuYMeUSmuAPlWGBYo2y5i_JvMIh
x-amz-cf-pop: FRA60-P5
age: 4849878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Fri, 08 Dec 2023 18:58:27 GMT
server: AmazonS3
etag: "2a9d0fd11f023fbc0d75be2d39992d11"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: q6xnBDnPmmYvu_VEYMoH1pEdVe83YlivBRkGk4rrH0fWVLs6yh077w==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 11 KB
4 KB 51ms
27ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=805334&u=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&vn=2
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ee3716e2d7a402bf082d9758eef73648a85a4ed8e7dbb7da8ae268dc70cc0ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1707270957"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
95 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQ92VXZT

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68c9ccef0f2cfb80f06fe7c4c4042093098e9d70e32c63bfacd04e2e23d5ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97040
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 00:09:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 02:13:24 GMT

GET
H2 200 7317c8f8-bg-chevron-strokes-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 152 KB
152 KB 33ms
8ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/7317c8f8-bg-chevron-strokes-1_1000000000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d46750e5acb17839981f2487d66f211c3347393951d1120c302c37d8a2f42fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: Zp4vHAoWUW7a_hjtHz_kSFDHZFWHbIwQ
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "5090ba8626c92f333ea5b6703e08704c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 155450
x-amz-cf-id: _NuNHzdckCWDSOoTH1QLS2GA8DcoNIQRkRrcR6oJJHFYTBGH-pMBzw==

POST
H/1.1 200
OK i
try.threatdown.com/_ub/ 2 B
346 B 100ms
99ms Ping
text/plain 3.79.251.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.threatdown.com/_ub/i
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/_ub/static/ts/bbd2c1606ea463f3010917a5cf4e7db1ce886192.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.79.251.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-79-251-47.eu-central-1.compute.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://try.threatdown.com/2024-state-of-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
x-proxy-backend: collector
server: akka-http/10.2.9
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://try.threatdown.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
content-length: 2

GET
H3 200 tag-793113e47eb4671f5afc195ce3ee1557.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 181 KB
51 KB 51ms
40ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-793113e47eb4671f5afc195ce3ee1557.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=805334&u=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 949389225f338ab437ffda3e0d21142352e9ffba6bd9e072fb8dea1a7c3e9edd

Request headers

Referer: https://try.threatdown.com/
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 06 Feb 2024 12:02:36 GMT
server: gfra1
etag: "65c21fdc-ca73"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51827

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
145 B 162ms
162ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=805334&d=try.threatdown.com&u=D251AD6B25F5CAE532FA9D678F6F84ECA&h=f775217886f532da98e2810cb9e513a1&t=false

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 32ms
16ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 79495
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:31 GMT
server: cloudflare
etag: 0x8DC2672631E21FF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b3236ebc-601e-0080-51a9-58c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0c0dd8bbf8-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
94 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ92VXZT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

043f739c49d515cc70a24c7bf6a05f0f8720c2dd8f442eab94911dbbaa2e851f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 02:13:24 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 40ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je4250v872204243za200&_p=1707272004381&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1502273460.1707272004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707272004&sct=1&seg=0&dl=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&dt=2024%20State%20of%20Malware%20%7C%20ThreatDown%2C%20powered%20by%20Malwarebytes&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&epn.siteSpeedSampleRate=100&ep.variant_id=g&tfd=299
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.threatdown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=1502273460.1707272004&gtm=45je4250v872204243za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.threatdown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 44ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=1502273460.1707272004&gtm=45je4250v872204243za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=34605533

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 381d1392-b15b-49e3-9cf9-8a5e644c68da.json Show response
cdn.cookielaw.org/consent/381d1392-b15b-49e3-9cf9-8a5e644c68da/ 6 KB
2 KB 40ms
25ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/381d1392-b15b-49e3-9cf9-8a5e644c68da/381d1392-b15b-49e3-9cf9-8a5e644c68da.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab0b99db6105e9e4153ff1f688dd5964ef229207de847c2ba5ef0514a859d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 37589
content-md5: ofISm5EelQsO08FK9x9+YQ==
content-length: 1955
x-ms-lease-status: unlocked
last-modified: Wed, 15 Nov 2023 00:46:03 GMT
server: cloudflare
etag: 0x8DBE5743EECCF47
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1b3a86b9-f01e-002b-6203-56b94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0c5a4d37f1-FRA
expires: Thu, 08 Feb 2024 02:13:24 GMT

GET
H3 200 tag-5f4e85fd82d8088e7d9666f1fdcf6dd7.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 130 KB
33 KB 9ms
8ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-5f4e85fd82d8088e7d9666f1fdcf6dd7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-793113e47eb4671f5afc195ce3ee1557.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 48c2b7e11a03429298bf9fee7b3c171d0b41be7560a42410519e5a3945034b56

Request headers

Referer: https://try.threatdown.com/
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 06 Feb 2024 12:02:36 GMT
server: gfra1
etag: "65c21fdc-8349"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33609

GET
H3 200 apmLib-d460ff62d35fe01bd1991c107edc379b.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 11ms
11ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apmLib-d460ff62d35fe01bd1991c107edc379b.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-793113e47eb4671f5afc195ce3ee1557.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 06 Feb 2024 12:02:35 GMT
server: gfra1
etag: "65c21fdb-658"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
895 B 10ms
10ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=805334&settings_type=1&vn=7.0&exc=4
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-793113e47eb4671f5afc195ce3ee1557.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 19fd03e2d166728412b52fec86c82a0585cbf9abe10afea94068264fe556396e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1707270957"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 13ms
13ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-793113e47eb4671f5afc195ce3ee1557.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 06 Feb 2024 12:02:35 GMT
server: gfra1
etag: "65c21fdb-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
53 B 110ms
110ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=805334&u=D251AD6B25F5CAE532FA9D678F6F84ECA&s=1707272004&p=1&ed=%7B%22tz%22%3A%22Europe%2FBerlin%22%2C%22tO%22%3A%22-1%22%2C%22lt%22%3A%221707272004544%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Ftry.threatdown.com%252F2024-state-of-malware%252F&r=0&cq=1&vn=7.0.327&vns=undefined&vno=4.0.265&eTime=1707272004549&random=0.5324063019474818

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:24 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 45ms
28ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://try.threatdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85181d0c9c8d9183-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/ 426 KB
103 KB 16ms
16ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1/fYiRcAkidM+2Rc1fEXtg==
age: 80288
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104832
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:14 GMT
server: cloudflare
etag: 0x8DBD5D490C850BD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7356784-101e-0051-37a0-0ba40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0cce45bbf8-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/381d1392-b15b-49e3-9cf9-8a5e644c68da/f1ea6a4b-7145-4f4e-9026-924932aa0cbe/ 38 KB
11 KB 43ms
43ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/381d1392-b15b-49e3-9cf9-8a5e644c68da/f1ea6a4b-7145-4f4e-9026-924932aa0cbe/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d27d0aede6596a20b06339467d97da30a017a25b280fde87c4ec607eeb16f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: OC0tBvTL3/RToXuTfwgTQw==
content-length: 11162
x-ms-lease-status: unlocked
last-modified: Wed, 15 Nov 2023 00:46:18 GMT
server: cloudflare
etag: 0x8DBE574477E3AA4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b87a74ce-d01e-002c-1a3b-58d52c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0cfabd37f1-FRA
expires: Thu, 08 Feb 2024 02:13:24 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 13 KB
3 KB 37ms
36ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gA7tJXNyGFicHKODkM9Iaw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:07 GMT
server: cloudflare
etag: 0x8DBD5D48CFC97D7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f4114fb2-a01e-0036-393b-58b4f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0d4ae237f1-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ 64 KB
13 KB 18ms
18ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HkSm8jQRWxYUOXcw9B+VNA==
age: 37585
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12874
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:10 GMT
server: cloudflare
etag: 0x8DBD5D48E6E1909
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 93474911-101e-007e-0b03-56a9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0d4ae537f1-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 5 KB
2 KB 47ms
47ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yNa6Yc29I7rm/gwCvWCQmw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:09 GMT
server: cloudflare
etag: 0x8DBD5D48E0FDA7F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 72351f1a-b01e-002a-7f3b-58e693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0d4ae637f1-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 21 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 37585
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 61dd2997-901e-0060-5c03-56451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85181d0d4ae737f1-FRA

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/ 0
37 B 265ms
187ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/ 168 KB
45 KB 406ms
328ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c4e1fd2041af31b05c83711865d548f3ec7f5fa9b7cd48060af8ba17f27a7056

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 forms.js Show response
x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 33 KB
10 KB 259ms
182ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms.js?page_path=%2F2024-state-of-malware%2F

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

6666c8ac4da0d9b54e1063aa99b002bab406e20f22ecfa0377964746a9906a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 request-trial.min.css
www.malwarebytes.com/css/corporate/pages/ 0
0 101ms
101ms Stylesheet
text/html 192.0.66.233
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/corporate/pages/request-trial.min.css
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.233 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 getForm Show response
go.malwarebytes.com/index.php/form/ 23 KB
6 KB 602ms
602ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.malwarebytes.com/index.php/form/getForm?munchkinId=805-USG-300&form=5897&url=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&callback=jQuery37107325505630681579_1707272004706&_=1707272004707
Requested by: Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 635365b6f109f34d7e098186d6176b9a0883ec8e9fd92c2022cf4be614d54666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 165d2#18d815764de
x-marketo-source: Form Service
cf-ray: 85181d0d8bcc1e50-FRA
cached: false

GET
H2 200 HWyTnY16.min.js Show response
tag.demandbase.com/ 77 KB
22 KB 69ms
15ms Script
application/javascript 18.245.46.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/HWyTnY16.min.js

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-89.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f4d00a4c451e1986a2a6c7d3f2c397331ce757c51e7b6657edd2e9bae72ebe70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: O8zJ_UqVs.7KmxZ4t7lckynXyM9bL_ll
content-encoding: gzip
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 01:46:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 1614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 11 Dec 2023 18:10:22 GMT
server: AmazonS3
etag: W/"2c432ec26d22510682202460bd08312c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: tljzfnGL2yE658j5jLhOAFzbWAO1XaQdWIoQbtgGkcjTZLxxoKIzPA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 491 KB
196 KB 58ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.threatdown.com/
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 10:21:02 GMT

GET
BLOB 200
OK cbcb10e2-f64f-44cb-bb16-968a0c6558d8
https://try.threatdown.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://try.threatdown.com/cbcb10e2-f64f-44cb-bb16-968a0c6558d8
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 9 KB
1 KB 57ms
11ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

7df18bad1fbab831062b4d72c8bd066e66cab0d5f6109a0b8dd66d09222693f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 14:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 43281
x-amzn-requestid: 9cf44073-eb0e-4429-855f-9a9084480933
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: St6oFHq_IAMECeg=
content-length: 715
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-65c23e33-056d5d4f56ff19a6306de1e4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: fDChiTPLkCrCjXzNzbjx9ZzT8LoIIRkWZBTMnWyk_zOXmK8AwIR5zQ==

GET
H2 200 633c2024-check-mark-3_100o00o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 406 B
824 B 12ms
11ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/633c2024-check-mark-3_100o00o000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 192bd46632c9deea1b57651ba5b1598dad3cbf42aaee051563cd51c4e9b86b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: tCkoFqGWjpLQ4R0Bht03pf8VtEWuYs_l
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "4b2504ef0eb3ef1922f4d213cef3d57c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 406
x-amz-cf-id: KvQ0bv4F6UipDLVhhI_ywoVjB-dWXf5kuFxOwyH8DNrDvzSsmbjugQ==

GET
H2 200 c5e66d0e-threatdown-horizontal-navy_107301i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 2 KB
3 KB 12ms
10ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/c5e66d0e-threatdown-horizontal-navy_107301i000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d48a84d409af98aecbbfc8e2a4362f5c5292c4631928d1ecd1b107aac375526d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: RVPnp8T63S_4alPMtIrZpiO.GGqLgy9a
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "7a53323d5e412ad923c2b6443c9c9311"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2286
x-amz-cf-id: mGCHaE-0x1NJASdxhgeHGoAsgZ1U6t2nonXQzfo20oYldN0Sqzwokw==

GET
H2 200 86f05d8f-linkedin.svg
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 694 B
1 KB 13ms
12ms Image
image/svg+xml 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/86f05d8f-linkedin.svg
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: APWdGU.jYjdo7NOFRVkMj1sl_XljCtk7
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "b7d762d9bcb616fca18554d94802d3ee"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 694
x-amz-cf-id: _o4_Q1I_PU_qy3b4aMeBB6gklPUHoa27O_AP_N3PCOcdGjD_53J_Xw==

GET
H2 200 d473a421-logo-white_100h00h00h00g000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 324 B
741 B 29ms
28ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/d473a421-logo-white_100h00h00h00g000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bc72a0dcdc28a4051531bbc492c3d471d21bc1ad82c40dde0ed845cfd880e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: gHJrOtmtDO.j05Jxmiveo_qpus.5Mo_1
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "69842eb42844e5697f52f15802815a58"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 324
x-amz-cf-id: BEsaM62rGQskjmSB2fl4MFLL2fv2dQo8DSxr1BVHg8707uBMeFV76Q==

GET
H2 200 a0e423ac-youtube.svg
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 781 B
1 KB 14ms
13ms Image
image/svg+xml 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/a0e423ac-youtube.svg
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: rgGSry3p6nk513cpf2fGigNwlOrcE.zk
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "081f067d429b3c6a78729d7deac02168"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 781
x-amz-cf-id: l_Cpt7tx32N9hcPUxNdU6aOlxauBs2nKD8qio-RXFYK5lvWRZc-JYQ==

GET
H2 200 fd8ccfdd-corp-som-2024-ipad_10b50dw000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 35 KB
35 KB 16ms
15ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/fd8ccfdd-corp-som-2024-ipad_10b50dw000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d0b2cfee180c8f7851595e18a76a472e16adcbf711c927b2648e7efd499e47b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: 9hz.I37W53m0bXwdUVAN2lttGVQvROhp
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "662f5cae014cd82c0412137079e65746"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35629
x-amz-cf-id: dXZlCZyjhAGAxGV3ryq_ZcgXw6J139ewsYLM82Nwjn7ofUUFW1h3fw==

GET
H2 200 6d193f08-corp-som-2024-tn-500x500-1_10dw0dw000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 45 KB
46 KB 16ms
15ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/6d193f08-corp-som-2024-tn-500x500-1_10dw0dw000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6666af6f33456503b7505ebd49bb1cc4016a28a5994fbefe1e95460487f6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: fHEqno7ADCZ3Mt0wxm6T2WgXQm7XfaQ2
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "9fb97683e412da8e06320610c04b840d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 46321
x-amz-cf-id: lINoc0Djro1bgGfL1c0uCdhZDEwtMh28dxqJQEMCBx3vjyWrozhuzw==

GET
H2 200 274e9919-corp-som-2024-book-tn-2_10fy09z0f209500h00f028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 33 KB
33 KB 13ms
12ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/274e9919-corp-som-2024-book-tn-2_10fy09z0f209500h00f028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bb7819a7f26e900d6109aa1f6230eb1240ee48c003d052bc1fa8139fb937e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: iha1UIbsHusRTnwUYNoLnGuLvfvn0ZHQ
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "969a413ffb1ee2e27bb0f06241cb0a52"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 33821
x-amz-cf-id: ehIjw0ejFwRtxsBBLszDdoLzCJtwDZzkXXVAHRnjUGTXqJQThjpxQQ==

GET
H2 200 78ebab73-corp-som-2024-icon-6-1_107207f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 3 KB
4 KB 18ms
17ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/78ebab73-corp-som-2024-icon-6-1_107207f000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c129384f6e24fb6fa37bfd3048bf1dc6f4c61eb1e222ea20029451369595eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: wspDRzAl6KJaMOb.czlpjzZpZXzABTBO
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "f8af16ec04f926f55442f1825c8ec4a7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3324
x-amz-cf-id: H95s2HSRhu3imk-yV1Sb3Z9p5hxtsvtluLXblrzECOK33Wlnq_sRmw==

GET
H2 200 bc98228f-corp-som-2024-icon-5-3_1050059000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 3 KB
3 KB 19ms
18ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/bc98228f-corp-som-2024-icon-5-3_1050059000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d70e536f9a3c65fc9db37f76f36355a9d5e7eb617b7d14aa6cad59226cb0d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: .H.7yCLLEtDjqTAx4YKTl3.2Zq1BmLWH
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "d050d7a674e9b0fb54cbc3e599f6a6cb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2815
x-amz-cf-id: mwcUpEZHFr9L2XwBfySEGaZlM5t-VsrdostXXRTW0dsieS0WasLcIQ==

GET
H2 200 08f50a86-corp-som-2024-icon-7-1_107207g07207f000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 4 KB
4 KB 29ms
29ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/08f50a86-corp-som-2024-icon-7-1_107207g07207f000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c57f7f2183ef1835afcd241825358f0cc4745addf4d7f174c6df6d2def8e2c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: r5VNgKwolwAIgrfhbWUQRP_THra8mtQI
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "4c0374bbc064132aac9f676bf322f740"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4130
x-amz-cf-id: 9dAX_Cipqx7y6VDqaspwS__J6BfQ5JHffHU5-WNvhvo2lpaMwlb4Rg==

GET
H2 200 544694e7-boxes_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/ 40 KB
40 KB 29ms
29ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.threatdown.com/2024-state-of-malware/544694e7-boxes_1000000000000000000028.png
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a423eeef915caa04cdc02841a8b7d8fe0e1020f3f447d5613fb40bba0f88b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 08:05:48 GMT
x-amz-version-id: Bb4hPuZBRlRovw5WjHc_nOCuXG9Ygyow
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 21:29:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65257
etag: "e04242cdb80571138666e42209345fb9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 40690
x-amz-cf-id: 67hHzg2ApkgBdkInwRK5Iw_WFMgZEqrYNzGu91ngCdz4lu2g_dqsOA==

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 28ms
16ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 81117
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 03:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cd2f223d-101e-009a-45ef-57a75a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85181d0ddedfbbf8-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 22ms
17ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 37585
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2dd6bf5e-d01e-002c-51af-58d52c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85181d0ddb3437f1-FRA

GET
H2 200 ThreatDown_Horizontal_Reverse_1.png
cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/6e92ecb0-4e42-4d30-8f04-407f278db3b5/b82dfa15-25d8-4665-ba3c-6a24ec909e54/ 6 KB
7 KB 40ms
39ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/6e92ecb0-4e42-4d30-8f04-407f278db3b5/b82dfa15-25d8-4665-ba3c-6a24ec909e54/ThreatDown_Horizontal_Reverse_1.png

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c32294948f5448c2ac0bcdf5b98909dab4ee73ac854be06bfd4a13bce89363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nH40X2VjWJZythBS11v9uw==
content-length: 6630
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 21:34:45 GMT
server: cloudflare
etag: 0x8DBE4905AE5595C
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0c0b348b-401e-005c-4731-176cdb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85181d0e3f0dbbf8-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 68950
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9d8be78b-b01e-0048-4db0-5824b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85181d0e3f0ebbf8-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 23ms
8ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5980662
x-amzn-requestid: 9a5393ea-7bc1-45a3-b46a-ecf6ca4dab84
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: PLbEPH5LoAMEJWA=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6567a54e-26543c6456bccc4517bb47d0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eu_eIEOVzXtIhdu1RerUMXROz8x--Xy5iFpK8MGAPaMGcf9lAuobHg==

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 29ms
15ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15752
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5191883
x-amzn-requestid: 31b3cc52-7c7e-445e-85d2-87889955af20
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Ppgy8FxVoAMEiOQ=
content-length: 15775
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6573ae78-4c8098ff796a8bcb567993cf
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 4oYuV1CvxUl7wEPh7Uo0u9mF7Ahew2mzlh0EzqQ8QEhGJeEGJ2AkCg==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 23ms
10ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5882426
x-amzn-requestid: 006f3414-a0a7-4da2-a908-6ac17f552e36
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: PPK5uFW-oAMEuIA=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6569250a-5badf6270a1d6fbf7316109a
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WzoQjmGH8TVBkp5Mb9JVzAVfqPX3FzGBz0kWIZ_CHaHAHuIYy0B5cw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 16 KB
16 KB 29ms
16ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,900,regular,500
Origin: https://try.threatdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15920
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 6067453
x-amzn-requestid: c6a77fff-ceb0-4172-9a6b-980b8a0a3544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: PIHLPEwcIAMEPkA=
content-length: 15943
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65665247-5268e89c78771e2044289a38
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TBRTRWHU7XnN19LmaQvMuKUmYkeS4CihJQMQCafJ04gaBJypBCJi7g==

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 2E33 634 B
968 B 154ms
96ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 793b0ab5f87a0efa9ddd4b40282ae080ac11f5b57b2ee6f805de137dd12773e6

Request headers

Referer: https://try.threatdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 02:13:24 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 56ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
2 KB 77ms
43ms XHR
application/json 18.66.97.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&page_title=2024%20State%20of%20Malware%20%7C%20ThreatDown%2C%20powered%20by%20Malwarebytes
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-17.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fd3532a773a47605e7b8a8e26c6a87bb9cc6d14d327efc1637d260a4eb556bcd

Request headers

Referer: https://try.threatdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 2042d582-cdb8-4d1e-bf3d-1b8e696828c8
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://try.threatdown.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vOAQGIEDR38na3OVyUnUd_x46_kQNJwRuMz_JSDw6-YFCk8wsOOwHg==
expires: Tue, 06 Feb 2024 02:13:24 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6D7A 45 KB
28 KB 30ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdP4FkpAAAAAO6luyUOWiI6GDPC5qVN8E7FXvOq&co=aHR0cHM6Ly90cnkudGhyZWF0ZG93bi5jb206NDQz&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=t83guvozf41b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02028b414599697f2b330862c239fe23cf3b20f8a748b91a3f636e0784361227

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rZXT1NAAxlKzSWVQije7eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.threatdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rZXT1NAAxlKzSWVQije7eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 02:13:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 6D7A 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdP4FkpAAAAAO6luyUOWiI6GDPC5qVN8E7FXvOq&co=aHR0cHM6Ly90cnkudGhyZWF0ZG93bi5jb206NDQz&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=t83guvozf41b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 21:05:45 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 6D7A 491 KB
196 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 10:21:02 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
401 B 166ms
106ms XHR
text/html 2600:9000:2156:c000:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=vOAQGIEDR38na3OVyUnUd_x46_kQNJwRuMz_JSDw6-YFCk8wsOOwHg==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c000:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:27:09 GMT
x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 71177
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 2_-QFvs8oI-_O_XziA5Of4Gmqy4Od5Zt8OkjWxolJK8HKAE4u4d-SQ==

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame 6D7A 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdP4FkpAAAAAO6luyUOWiI6GDPC5qVN8E7FXvOq&co=aHR0cHM6Ly90cnkudGhyZWF0ZG93bi5jb206NDQz&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=t83guvozf41b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 18:31:22 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6D7A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:51:38 GMT
x-content-type-options: nosniff
age: 26507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Feb 2024 18:51:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D7A 15 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 160895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D7A 15 KB
15 KB 31ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 61451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6D7A 102 B
135 B 15ms
15ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdP4FkpAAAAAO6luyUOWiI6GDPC5qVN8E7FXvOq&co=aHR0cHM6Ly90cnkudGhyZWF0ZG93bi5jb206NDQz&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=t83guvozf41b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 02:13:25 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2E33
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e&C=1

43 B
336 B

22ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=489y77rh0ZHEoiQYdqkl%2F8hrObVRa1XjQFa7SESr7is2p6FwMx4wXu6JWZQ1M4McvqRPaXxyaP0G3g10P1VIAJKzL3XUzVelIb7MU45Jv6iAVABY372C%2FnBvZykJbiVtQ0VwUAOFrKTqfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85181d0fcb1391d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAD318ge%2BYC%2FbZ9HkzN3zgIHPXHEwt6I7GMS4oK7st7DdAM0%2FBKxMxI%2BH7koHwld6km0MOT1%2F3%2B82fz1I3wikLzNKM43265i3sj7FE7FaoKNjqbiNheG%2Bo5R4ZL4KPUm8h71iRPciOTpcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1722996804&external_user_id=24879452-cce7-4ee3-b448-2dc7f52b3e2e&C=1
cache-control: no-cache
cf-ray: 85181d0fab0191d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 2E33 43 B
392 B 292ms
92ms Image
image/gif 2600:1f18:612b:4232:b45c:2ea4:feea:e8e2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=24879452-cce7-4ee3-b448-2dc7f52b3e2e
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b45c:2ea4:feea:e8e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 07 Feb 2024 02:13:25 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2E33 0
239 B 47ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=24879452-cce7-4ee3-b448-2dc7f52b3e2e&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 analyze
r3.visualwebsiteoptimizer.com/ 35 B
257 B 293ms
93ms Image
image/gif 35.194.81.74
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r3.visualwebsiteoptimizer.com/analyze?codedo=set_html_and_recording&a=805334&e=%7B%7D&title=2024%20State%20of%20Malware%20%7C%20ThreatDown%2C%20powered%20by%20Malwarebytes&url=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&referring_url=&session_id=1707272004&recording_id=1&return_visitor=false&ins=true&start_time=1707272005242&end_time=1707272005255&window_width=1600&window_height=1200&sh=1200&sw=1600&vn=4.0.265&rand=0.06770770670904103&eTime=1707272005255&scroll_percentage=33&he=%7B%224%22%3A%22D251AD6B25F5CAE532FA9D678F6F84ECA%22%7D&count=1

Requested by

Host: try.threatdown.com
URL: https://try.threatdown.com/2024-state-of-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.81.74 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

74.81.194.35.bc.googleusercontent.com

Software

r3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:24 GMT
x-content-type-options: nosniff
server: r3
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 270ms
214ms XHR
application/json 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.threatdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://try.threatdown.com
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 forms2.css
go.malwarebytes.com/js/forms2/css/ 13 KB
3 KB 110ms
110ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/css/forms2.css

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "1640bd1-3437-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 85181d114e5c1e50-FRA
content-length: 2623
expires: Wed, 07 Feb 2024 06:13:25 GMT

GET
H2 200 forms2-theme-simple.css
go.malwarebytes.com/js/forms2/css/ 826 B
326 B 121ms
121ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "1640bd3-33a-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 85181d114e5f1e50-FRA
content-length: 242
expires: Wed, 07 Feb 2024 06:13:25 GMT

GET
H2 200 XDFrame Show response
go.malwarebytes.com/index.php/form/ Frame 1EB5 2 KB
860 B 109ms
108ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/index.php/form/XDFrame

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

837b96331fe847d63110348763da76af78f2351b85dbb7e3f30c8ed404178d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.threatdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 85181d125f121e50-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 02:13:25 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms_356b62d600.min.js Show response
tag.demandbase.com/shared/ 171 KB
55 KB 8ms
8ms Script
application/javascript 18.245.46.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/shared/forms_356b62d600.min.js

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-89.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a0ef6bb281f4e2cfd46a58b750e58514bbf096f59d2195b082136d9e3e408f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: k9GDf3P4Q1TRhMmUghTWX.qBQDy7JCtb
content-encoding: gzip
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 05:21:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 75117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 11 Dec 2023 17:30:15 GMT
server: AmazonS3
etag: W/"af93732215ee92cca5606b1c9008d8f5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: KxFFBIka9q59WiXHa8dSAhEv0_i3Fsguzx3uy5EaWmkwOt74ERkEHg==

GET
H2 200 forms_analytics.js Show response
x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 4 B
89 B 258ms
258ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms_analytics.js?event=form_loaded&integration=marketo&form_session_id=c3597807-0ddf-4017-a02c-b86253675299&total_fields=37&page_path=%2F2024-state-of-malware%2F

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms.js?page_path=%2F2024-state-of-malware%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 stylesheet_356b62d600.v2.css
scripts.demandbase.com/shared/ 27 KB
4 KB 102ms
23ms Stylesheet
text/css 18.161.97.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/shared/stylesheet_356b62d600.v2.css

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/shared/forms_356b62d600.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.97.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-97-117.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.threatdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: b4U0Sp_cSR8cL2KKud4DtRnYSBOIACjC
content-encoding: gzip
via: 1.1 02a8cd9f0c3a542c72bf433c4a4ccbb6.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 07:34:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MRS52-P3
age: 67248
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 11 Dec 2023 17:30:15 GMT
server: AmazonS3
etag: W/"178916ae2031afd4e0b75797aa965718"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: N3jh-IPx-qMHUNuZWH6bRgX74cJBp-xM1GcSV1zALssywK_vF138pg==

GET
H2 200 forms2.min.js Show response
go.malwarebytes.com/js/forms2/js/ Frame 1EB5 199 KB
66 KB 25ms
25ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.malwarebytes.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
cf-cache-status: HIT
age: 1
etag: "880be1-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 85181d130f871e50-FRA
expires: Wed, 07 Feb 2024 06:13:25 GMT

POST
H3 200 apm
dev.visualwebsiteoptimizer.com/ 0
33 B 95ms
95ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apm
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-d460ff62d35fe01bd1991c107edc379b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.threatdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 02:13:25 GMT
content-encoding: gzip
via: 1.1 google
server: gnv2c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je4250v872204243za200&_p=1707272004381&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dYWJhMj&cid=1502273460.1707272004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1707272004&sct=1&seg=0&dl=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&dt=2024%20State%20of%20Malware%20%7C%20ThreatDown%2C%20powered%20by%20Malwarebytes&_s=2&tfd=5520
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.threatdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:13:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.threatdown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
try.threatdown.com/2024-state-of-malware/	1970-01-20 22:39:29	Name: ubpv Value: g%2C9f8287c1-d373-4d90-a0dc-b4b0fa86fee1
try.threatdown.com/	1970-01-20 22:33:44	Name: ubvs Value: f39b6e01-1a5c-4fa3-ace2-7ff233a8f3b5
.threatdown.com/	1970-01-20 18:18:51	Name: ubvt Value: v2%7Cf39b6e01-1a5c-4fa3-ace2-7ff233a8f3b5%7C9f8287c1-d373-4d90-a0dc-b4b0fa86fee1%3Ag%3Aweighted
.try.threatdown.com/	1970-01-21 03:01:34	Name: _vwo_uuid_v2 Value: D251AD6B25F5CAE532FA9D678F6F84ECA\|f775217886f532da98e2810cb9e513a1
.threatdown.com/	1970-01-21 03:50:32	Name: _ga Value: GA1.1.1502273460.1707272004
.threatdown.com/	1970-01-20 20:38:32	Name: _vis_opt_s Value: 1%7C
.threatdown.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.threatdown.com/	1970-01-21 03:50:32	Name: _vwo_uuid Value: D251AD6B25F5CAE532FA9D678F6F84ECA
.threatdown.com/	1970-01-20 18:57:44	Name: _vwo_ds Value: 3%3Aa_1%2Ct_0%3A0%241707272004%3A84.10780879%3A%3A%3A4_1%3A0
.go.malwarebytes.com/	1970-01-20 18:14:33	Name: __cf_bm Value: 5AZmrgWuH9IdA0xPi2sVt2LVwywkrbPGDfgtTmkXejs-1707272004-1-Ae1mNMbRyEhZgGtZdXYdvUw+ZpIwqCZCkD1wL5iFddKyVSrKUZFTsmrrJzJ3uRs9glz4fBekRwHXjfwH4Vcml0c=
.threatdown.com/	1970-01-20 22:33:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Feb+07+2024+03%3A13%3A24+GMT%2B0100+(Central+European+Standard+Time)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=1568693a-f620-42f8-b4ab-0ec7da707e21&interactionCount=0&landingPath=https%3A%2F%2Ftry.threatdown.com%2F2024-state-of-malware%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.threatdown.com/	1970-01-21 03:50:32	Name: _ga_K8KCHE3KSC Value: GS1.1.1707272004.1.0.1707272004.60.0.0
.company-target.com/	1970-01-21 03:50:32	Name: tuuid Value: 24879452-cce7-4ee3-b448-2dc7f52b3e2e
.company-target.com/	1970-01-21 03:50:32	Name: tuuid_lu Value: 1707272004\|ix:0\|mctv:0\|rp:0
.casalemedia.com/	1970-01-21 03:00:08	Name: CMID Value: ZcLnRXOagKfonInYSrtjbAAA
.casalemedia.com/	1970-01-20 20:24:08	Name: CMPS Value: 2209
.casalemedia.com/	1970-01-20 20:24:08	Name: CMPRO Value: 2209
.threatdown.com/	1970-01-20 18:14:33	Name: _vwo_sn Value: 0%3A1%3Ar3.visualwebsiteoptimizer.com%3A1%3A1%3Areferrer%3D
.threatdown.com/	1970-01-21 03:00:08	Name: cb_user_id Value: null
.threatdown.com/	1970-01-21 03:00:08	Name: cb_group_id Value: null
.threatdown.com/	1970-01-21 03:00:08	Name: cb_anonymous_id Value: %227f2b2402-8b31-4382-be5e-7512c53835ad%22
.tremorhub.com/	1970-01-21 03:00:28	Name: tvid Value: c35617f10e2449c4a8598b18384dcfcc
.tremorhub.com/	1970-01-21 03:50:32	Name: tv_UIDM Value: 24879452-cce7-4ee3-b448-2dc7f52b3e2e

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.malwarebytes.com/js/corporate/pages/request-trial.min.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.malwarebytes.com/css/corporate/pages/request-trial.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://try.threatdown.com/2024-state-of-malware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
app.clearbit.com
builder-assets.unbounce.com
cdn.cookielaw.org
code.jquery.com
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
fonts.gstatic.com
fonts.ub-assets.com
geolocation.onetrust.com
go.malwarebytes.com
id.rlcdn.com
partners.tremorhub.com
pixel.rubiconproject.com
r3.visualwebsiteoptimizer.com
region1.analytics.google.com
s.company-target.com
scripts.demandbase.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.clearbitscripts.com
tag.demandbase.com
try.threatdown.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.malwarebytes.com
x.clearbitjs.com
104.17.71.206
13.32.99.8
172.64.151.101
18.158.205.16
18.161.97.117
18.245.46.89
18.245.60.25
18.66.97.17
192.0.66.233
2001:4860:4802:32::36
2600:1f18:612b:4232:b45c:2ea4:feea:e8e2
2600:9000:214f:6000:7:d7d6:3c40:93a1
2600:9000:2156:c000:1d:8d6d:3b40:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:806::2008
2a00:1450:4001:813::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a04:4e42:200::649
3.79.251.47
34.96.102.137
34.96.71.22
35.194.81.74
35.244.174.68
52.222.250.12
69.173.144.165
02028b414599697f2b330862c239fe23cf3b20f8a748b91a3f636e0784361227
043f739c49d515cc70a24c7bf6a05f0f8720c2dd8f442eab94911dbbaa2e851f
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460
192bd46632c9deea1b57651ba5b1598dad3cbf42aaee051563cd51c4e9b86b3b
19fd03e2d166728412b52fec86c82a0585cbf9abe10afea94068264fe556396e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb7819a7f26e900d6109aa1f6230eb1240ee48c003d052bc1fa8139fb937e2d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bc72a0dcdc28a4051531bbc492c3d471d21bc1ad82c40dde0ed845cfd880e7b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
48c2b7e11a03429298bf9fee7b3c171d0b41be7560a42410519e5a3945034b56
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
635365b6f109f34d7e098186d6176b9a0883ec8e9fd92c2022cf4be614d54666
6666c8ac4da0d9b54e1063aa99b002bab406e20f22ecfa0377964746a9906a81
68c9ccef0f2cfb80f06fe7c4c4042093098e9d70e32c63bfacd04e2e23d5ec93
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d0b2cfee180c8f7851595e18a76a472e16adcbf711c927b2648e7efd499e47b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
793b0ab5f87a0efa9ddd4b40282ae080ac11f5b57b2ee6f805de137dd12773e6
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d27d0aede6596a20b06339467d97da30a017a25b280fde87c4ec607eeb16f59
7d70e536f9a3c65fc9db37f76f36355a9d5e7eb617b7d14aa6cad59226cb0d85
7df18bad1fbab831062b4d72c8bd066e66cab0d5f6109a0b8dd66d09222693f2
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837b96331fe847d63110348763da76af78f2351b85dbb7e3f30c8ed404178d61
851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f
88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c
8a423eeef915caa04cdc02841a8b7d8fe0e1020f3f447d5613fb40bba0f88b90
8c129384f6e24fb6fa37bfd3048bf1dc6f4c61eb1e222ea20029451369595eb2
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
949389225f338ab437ffda3e0d21142352e9ffba6bd9e072fb8dea1a7c3e9edd
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ef6bb281f4e2cfd46a58b750e58514bbf096f59d2195b082136d9e3e408f14
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392
a6666af6f33456503b7505ebd49bb1cc4016a28a5994fbefe1e95460487f6a97
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
b8cad940bbe7be6642d4e6bd80946bb834b192a8e1f2fe89d4974562df589960
b9af250ed57eca50337f383062a92bf7767387429808fd94f46bebc2e4eea68a
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69
c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822
c4e1fd2041af31b05c83711865d548f3ec7f5fa9b7cd48060af8ba17f27a7056
c57f7f2183ef1835afcd241825358f0cc4745addf4d7f174c6df6d2def8e2c3c
c8c32294948f5448c2ac0bcdf5b98909dab4ee73ac854be06bfd4a13bce89363
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d46750e5acb17839981f2487d66f211c3347393951d1120c302c37d8a2f42fcc
d48a84d409af98aecbbfc8e2a4362f5c5292c4631928d1ecd1b107aac375526d
d6bd0181c47b7bd42a39889b5d7ca79527cdb8654329bb6c52efef5374ebab2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eab0b99db6105e9e4153ff1f688dd5964ef229207de847c2ba5ef0514a859d6d
ee3716e2d7a402bf082d9758eef73648a85a4ed8e7dbb7da8ae268dc70cc0ea8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f458f0abab0b6bf3bb4908c0a22d7d4c83ed1bdc30faf32a5623240009ddf371
f4d00a4c451e1986a2a6c7d3f2c397331ce757c51e7b6657edd2e9bae72ebe70
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969
fd3532a773a47605e7b8a8e26c6a87bb9cc6d14d327efc1637d260a4eb556bcd
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

try.threatdown.com Open in urlscan Pro 3.79.251.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

98 %HTTPS

45 %IPv6

23 Domains

30 Subdomains

30 IPs

4 Countries

1807 kBTransfer

4684 kBSize

23 Cookies

2 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

try.threatdown.com Open in urlscan Pro
3.79.251.47 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

98 %
HTTPS

45 %
IPv6

23
Domains

30
Subdomains

30
IPs

4
Countries

1807 kB
Transfer

4684 kB
Size

23
Cookies

89 HTTP transactions
1 data transactions