URL: https://controlc.com/e4d11035%20benign.exe
Submission: On December 07 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 34 HTTP transactions. The main IP is 172.67.219.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 172.67.219.69 13335 (CLOUDFLAR...)
4 104.18.20.206 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.160.152.31 396982 (GOOGLE-CL...)
3 142.250.186.130 15169 (GOOGLE)
8 2600:9000:26d... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 18.193.248.185 16509 (AMAZON-02)
34 10
Apex Domain | Subdomains | Transfer
14 controlc.com | controlc.com | 115 KB
9 inmobi.com | cmp.inmobi.com — Cisco Umbrella Rank: 5292; api.cmp.inmobi.com — Cisco Umbrella Rank: 18916 | 223 KB
5 pub.network | a.pub.network — Cisco Umbrella Rank: 4296; d.pub.network — Cisco Umbrella Rank: 4761 | 301 KB
4 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218; stats.g.doubleclick.net — Cisco Umbrella Rank: 135 | 209 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 10745 | 63 B
1 google.com | region1.analytics.google.com — Cisco Umbrella Rank: 4108 |
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 97 KB
Totals: 34 requests, 7 domains
Domain | Requested by
14 controlc.com, 1 redirects | controlc.com
8 cmp.inmobi.com | a.pub.network, cmp.inmobi.com
4 a.pub.network | controlc.com, a.pub.network
3 securepubads.g.doubleclick.net | a.pub.network, securepubads.g.doubleclick.net, controlc.com
1 api.cmp.inmobi.com | cmp.inmobi.com
1 www.google.de | controlc.com
1 stats.g.doubleclick.net | www.googletagmanager.com
1 region1.analytics.google.com | www.googletagmanager.com
1 d.pub.network | controlc.com
1 www.googletagmanager.com | controlc.com
Totals: 34 requests, 10 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
controlc.com | WE1 | 2024-11-18 - 2025-02-16 | 3 months
pub.network | WE1 | 2024-11-15 - 2025-02-13 | 3 months
*.google-analytics.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
d.pub.network | WR3 | 2024-11-08 - 2025-02-06 | 3 months
*.g.doubleclick.net | WR2 | 2024-11-04 - 2025-01-27 | 3 months
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2024-07-31 - 2025-07-31 | a year
*.google.de | WR2 | 2024-11-04 - 2025-01-27 | 3 months

This page contains 2 frames:

Primary Page: https://controlc.com/e4d11035%20benign.exe
Frame ID: 492526B96E26500D49F36FB4ED97AF98
Requests: 32 HTTP requests in this frame

Frame: https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: D7F19901C508FA932140B69A72B25B89
Requests: 2 HTTP requests in this frame

Page Title: The easiest way to host your text

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 97 %
IPv6: 40 %
Domains: 7
Subdomains: 10
IPs: 10
Countries: 4
Transfer: 944 kB
Size: 3512 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request e4d11035%20benign.exe
controlc.com/
8 KB
4 KB
Document
General
Full URL
https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.38
Resource Hash
e5e5453af8dcaf5119bc545d4070e22cd7dbd208979658f9710c409873854f32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
BYPASS
cf-ray
8ee5f47bea9d9238-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 16:40:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuAnceRbKfm65q2Mvc90xJYrzf5fC53tcXqOjR1gsibjxd36LcNxSAualyTC7PERiKsU5A%2F5J0FTaaUNKv%2BrnO5lRXdKbdgB0N17IYxA6qPD9z233QpjCCsgMEZS5OA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7094&min_rtt=6886&rtt_var=1408&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4226&recv_bytes=4551&delivery_rate=859&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=57&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/5.5.38
global.css
controlc.com/public/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/global.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd4e7001db94b80bc6dab74d980a9c6c65933917e3af6de002442a6afe562f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-3b05"
age
4194
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDoeUd9pcdFBZjPTmeUjteSZYgwxufvrJQOPaAOGxF7O%2FoSNgzVSSRCJFF53yxwM2kP214JnOflgEA64PVrmygndLOt3ayUlWxZ6ImHI4yeJMDPdCUpE9Jj7%2BEzmQjM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=92&x=1", cfExtPri, cfHdrFlush;dur=7
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b0c9238-FRA
server
cloudflare
bootstrap.css
controlc.com/public/css/
97 KB
15 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/bootstrap.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2d5d522b04b79738c2c7497ca8286046fbb7712d49569b58c60c8535780755

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-182dc"
age
2177
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k04EEeffCrDB0ot7W%2BGqhgfLSJ6jfSsVORczDUDiG26LY5Djq113smwiFUQiKYgOepmlq7GpszMPieUnIrex%2BaIBcuVbiz5aLSid7Lf%2FNeXq28NYYNy2sAIvodSiPJQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=88&x=1", cfExtPri, cfHdrFlush;dur=12
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b0d9238-FRA
server
cloudflare
bootstrap-responsive.css
controlc.com/public/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/bootstrap-responsive.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e738183a60e8cf19e763729b96c19d0ccee30f225e75ad61b8648a3cc7bfa969

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-37e4"
age
2177
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4CF4J%2Fa9ptHUAIk77DI%2FVJho1CZ2%2FuEMZN%2FWiKl2m%2BjdCQpQtXa8031K%2FPBxY2GsqUI1rqrkwxo7mPe9nC6HeLDlBWkI8EJO6WlpjVuY2hgxDhJSrfoETWLW7JCwIw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=88&x=1", cfExtPri, cfHdrFlush;dur=12
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b0e9238-FRA
server
cloudflare
smallpage.css
controlc.com/public/css/
30 B
715 B
Stylesheet
General
Full URL
https://controlc.com/public/css/smallpage.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62798140379008b3de9cf422020c1e5abd0bfc16440ebc66dcb8f5c80c8c663

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-1e"
age
1365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLlr4R9%2FXb5kt7PbuMytem%2BXNafE2WJxeRmvu7NJQsy5OFwJnyyyPOBaHValPU42xU6POpzxLi3KX6qbVixGr0wUkv1fP%2Fg2oXWILOwt5oOomfS9If1DbouQy%2BAR5YA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=86&x=1", cfExtPri, cfHdrFlush;dur=14
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b0f9238-FRA
server
cloudflare
jquery.js
controlc.com/public/js/
150 KB
34 KB
Script
General
Full URL
https://controlc.com/public/js/jquery.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f4265b3a5d2022b7b4da2cb5247039ef8eb6518b7ed2a8f7f0be0c87d421b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"555139ee-257be"
age
2177
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuo%2FaMtJE9OQZywgnb2qVeTeZub0cragKLzDfqsKFwr1qZk2HT7BuM0rA0iSb2qDRPjlZ0OalPsfYgFULDtiWAtkqqSl6mb15zR%2FikMqizQxeNZtSQBKHaXGbQl1EDQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=86&x=1", cfExtPri, cfHdrFlush;dur=14
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b109238-FRA
server
cloudflare
cls.css
a.pub.network/controlc-com/
485 B
783 B
Stylesheet
General
Full URL
https://a.pub.network/controlc-com/cls.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0be5718f216fd2b289375e348e8115ed84df63f313ce02424f2f1483f259612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=kuwBIw==, md5=sg9fsbTuTyAdHEgR3OYUqA==
cf-cache-status
REVALIDATED
etag
W/"b20f5fb1b4ee4f201d1c4811dce614a8"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 07 Dec 2024 17:10:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
485
server-timing
cfExtPri
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 20:13:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-guploader-uploadid
AFiumC4H7jFDgKCs_cSp398r7afI6jgc8Fzl6O7KnDA7IEB0dpH_1HFplJ_AeDYxnpa7EBWegqbcN8gL1Q
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ee5f47c7b554dc4-FRA
access-control-allow-origin
*
x-goog-generation
1732648374265021
server
cloudflare
pubfig.min.js
a.pub.network/controlc-com/
43 KB
17 KB
Script
General
Full URL
https://a.pub.network/controlc-com/pubfig.min.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040abc79cfe9a1c4e57545e207c45d4307841bbf3c183a934836c8ab0abecdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=ZWp1YQ==, md5=6G1CswOO2UV5uprTlKV45Q==
cf-cache-status
HIT
etag
W/"e86d42b3038ed94579ba9ad394a578e5"
age
66017
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 07 Dec 2024 17:10:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
44107
server-timing
cfExtPri
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 16:55:48 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4mXm890dk0lUaFZKw1MZQK-E9hZLG4YDHIPYqVutqqNZSpQl0hfbcevRH9OMD0yeWG-ghtQLKSCQ
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/controlc-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ee5f47cebd94dc4-FRA
access-control-allow-origin
*
x-goog-generation
1733417748292182
server
cloudflare
getpaid.png
controlc.com/public/images/
6 KB
7 KB
Image
General
Full URL
https://controlc.com/public/images/getpaid.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

cf-bgj
h2pri,csam-hash
etag
"555139ee-196e"
age
5767
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xacydz8L66d9i0kw7jESHnNsMXeSn3gorVzql9kmX3WgQzj4HDZ8oOFSoNTxWgfkb0OBRCvxbEzQvJ%2FkjfSi8fcEmFobYkAz4f24KRELQaYrNSMpusMwVBpSG3sDq5U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=28&recv=20&lost=0&retrans=0&sent_bytes=20538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=87&x=1", cfExtPri, cfHdrFlush;dur=13
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
image/png
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b129238-FRA
accept-ranges
bytes
content-length
6510
server
cloudflare
logo.png
controlc.com/public/images/
12 KB
12 KB
Image
General
Full URL
https://controlc.com/public/images/logo.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

cf-bgj
h2pri,csam-hash
etag
"5d838aad-2f2e"
age
5767
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQNnM1tKQQ08K9vbrAq%2FefSKLlYOAxUc0cRhfCQESPkZwUKT2gUsN7rkP55DmfmeFLJUirxOHk%2FgWJA21sFCfpNfaA58n8XheiP6Pt4vKamjGJHR03CnlxfqO8wXWNw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7028&min_rtt=6795&rtt_var=905&sent=18&recv=20&lost=0&retrans=0&sent_bytes=8538&recv_bytes=6969&delivery_rate=631017&cwnd=12000&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=83&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
image/png
last-modified
Thu, 19 Sep 2019 14:03:25 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47c4b149238-FRA
accept-ranges
bytes
content-length
12078
server
cloudflare
muo.png
controlc.com/public/images/
24 KB
25 KB
Image
General
Full URL
https://controlc.com/public/images/muo.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff9977af2b5f8bc4cb3ec6c0300c9a9029be11b7896a67d6af64706ab24ff69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

cf-bgj
h2pri,csam-hash
etag
"653549fe-6100"
age
3939
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omOJ3bmUjmABkpMAIPMGd4Db%2FEZgNlpcl4FjY40UJJbMOr4MlHGsNr8Bgt8znAp%2BilQAGNcjKlSLdo5H1xbGYy7Fo9Zfpu2UgCMUuTFC2YJqpaVApwzPMLRSbKzhGqI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20152&min_rtt=6795&rtt_var=1146&sent=92&recv=57&lost=0&retrans=0&sent_bytes=88680&recv_bytes=8899&delivery_rate=2174894&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=149&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
image/png
last-modified
Sun, 22 Oct 2023 16:12:46 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47cbb5f9238-FRA
accept-ranges
bytes
content-length
24832
server
cloudflare
js
www.googletagmanager.com/gtag/
275 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3195897c3f729d3a966a1a9cbbe32e16825f01d5d79904a7cd373e78287cab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 07 Dec 2024 16:40:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98351
x-xss-protection
0
server
Google Tag Manager
configs
d.pub.network/v2/sites/controlc-com/
39 KB
7 KB
Other
General
Full URL
https://d.pub.network/v2/sites/controlc-com/configs?env=PROD
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8dfa851999d3a315dd6824cbcbdb12da5225586d09c4ebf728007cc6f6fdb6db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlc.com
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
bg.png
controlc.com/public/images/
987 B
2 KB
Image
General
Full URL
https://controlc.com/public/images/bg.png
Requested by
Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/public/css/bootstrap.css

Response headers

cf-bgj
h2pri,csam-hash
etag
"555139ee-3db"
age
5669
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MfrbLJJYE2zmORuadmOZ1PjoNA3S%2FuorzOqROkXSG%2BjaXass1vXcC8XvGEDZtfTCJoH86IWePRQpzz%2BgUl6IzX8vXRgd0Ztx%2BFa7KdQRv4vEnJ8LtfIxMKwSlgz6fY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17386&min_rtt=6795&rtt_var=2427&sent=116&recv=67&lost=0&retrans=0&sent_bytes=114796&recv_bytes=9872&delivery_rate=908118&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=271&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
image/png
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47d7bfc9238-FRA
accept-ranges
bytes
content-length
987
server
cloudflare
main.js
controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame D7F1
Redirect Chain
  • https://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
8 KB
5 KB
Script
General
Full URL
https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57538913e72ccbbc9f1d4068e76eea034453cace296e7d98c0b0caeb34982b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aq4Ac%2Bew2i7FoKprWkvae701HjgbC5O2%2Fp1mEMge8bFh89LgERi38%2B1E27a0A4mYZFnxeIb4fgEOfUMar1Jothid0NWqK3jAFtfBD4Q7QOtyHMcLUX0vNotVanMnT2s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ee5f47dac239238-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15303&min_rtt=6795&rtt_var=5025&sent=120&recv=69&lost=0&retrans=0&sent_bytes=117269&recv_bytes=10204&delivery_rate=104291&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=295&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2B9too8YawKHFoX9KY%2B084SUtpIVX4y7BdJGtGbFNtfQyVy6hus6k3xhsPUj%2F86yfUQhL3Q0mKZa%2FzFfyV2428aEuY4BRQ19j%2FOENT9oXCk0PfEKajJLHy4AX3qjh6M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee5f47d8c0d9238-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=17386&min_rtt=6795&rtt_var=2427&sent=118&recv=67&lost=0&retrans=0&sent_bytes=116522&recv_bytes=9872&delivery_rate=908118&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=279&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:00 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
prebid.js
a.pub.network/controlc-com/
485 KB
164 KB
Script
General
Full URL
https://a.pub.network/controlc-com/prebid.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b8a90c9d1fe354674f723fa83e847520b8472cacc50cee9bc5e30e96ea4dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=Ghd/gA==, md5=k17ZrRb1Qp/Q7vty5jaMZg==
cf-cache-status
HIT
etag
W/"935ed9ad16f5429fd0eefb72e6368c66"
age
66017
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 07 Dec 2024 17:10:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
496443
server-timing
cfExtPri
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 16:55:49 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4maZqhy3SujpN1B4TMGRFKR4RrDFdh0AOiIJkN1mV-7pjkz36PxAVGuOQ_cRC8U8rTBa7SnswIXA
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ee5f47d8cae4dc4-FRA
access-control-allow-origin
*
x-goog-generation
1733417749195619
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network_code=15184186
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
39a2756e8212085250830d51d8efc2dbf63c04cbbf66b3ba3410617c9001cf60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
67 / 20064 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 16:40:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33631
x-xss-protection
0
server
cafe
pubfig.engine.js
a.pub.network/controlc-com/
424 KB
113 KB
Script
General
Full URL
https://a.pub.network/controlc-com/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a63b4065faeea4ca8df774f29155a6dd8c3839cb4a3b9b19b75e34290b60d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=G8f3JA==, md5=+u6zOQcIQm5yRzx+quI25g==
cf-cache-status
HIT
etag
W/"faeeb3390708426e72473c7eaae236e6"
age
65962
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 07 Dec 2024 17:10:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
434222
server-timing
cfExtPri
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 16:55:48 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC7GYgjhSOiRrP1h-Paub_nYD_MdGjXqRd_7Hj9d7IAqurZd_MtovDATnd377_RwDS8OWTBLycywMQ
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ee5f47d8cb04dc4-FRA
access-control-allow-origin
*
x-goog-generation
1733417748060586
server
cloudflare
8ee5f47bea9d9238
controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D7F1
0
1 KB
XHR
General
Full URL
https://controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/8ee5f47bea9d9238
Requested by
Host: controlc.com
URL: https://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9l%2BfjVV1liHcu7hbUNRlFHUTVMpknXCjqVCVrXtErTiqYmbQnCq9s1JxyQy7dNSvtUwodVyowwmMZ%2FWpWue5%2BzPkaIjDhL0X%2BtQaeEkaGztCUz2KUw7BwtCFpe6x10%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee5f47dfc6d9238-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14259&min_rtt=6795&rtt_var=5856&sent=127&recv=85&lost=0&retrans=0&sent_bytes=122281&recv_bytes=27349&delivery_rate=318207&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=355&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 07 Dec 2024 16:40:00 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/
497 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network_code=15184186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
6831530709922679929
age
5396
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 15:10:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 07 Dec 2024 15:10:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157012
x-xss-protection
0
server
cafe
choice.js
cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/
4 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1d93ba67e8f6d78f4ebe80d436ec2d719706f8372444aa77fd09fd52ba0f1f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=900
content-encoding
br
etag
W/"b9ddf03d2b0be2f9dda1a0eb30ca9412"
cross-origin-resource-policy
cross-origin
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
uKC3SzsK_p2QHlxP30AeAj4ZIwSCGTG5fyPt6AcphBPaiEIMLcxcBg==
date
Sat, 07 Dec 2024 16:40:02 GMT
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 12:21:48 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3KD3DPS4TE&gtm=45je4c40v9125033100za200&_p=1733589600862&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485&cid=313352027.1733589601&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733589601&sct=1&seg=0&dl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%20benign.exe&dt=The%20easiest%20way%20to%20host%20your%20text&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=412
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlc.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
542 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KD3DPS4TE&cid=313352027.1733589601&gtm=45je4c40v9125033100za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlc.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KD3DPS4TE&cid=313352027.1733589601&gtm=45je4c40v9125033100za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=798831257
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 07 Dec 2024 16:40:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
47537
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 03:27:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 07 Dec 2024 03:27:44 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
cmp2.js
cmp.inmobi.com/tcfv2/53/
167 KB
43 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
W/"db6c513b7a9d1bf38b36047c185655a2"
age
30000
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-qc-ineu
True
x-cache
Hit from cloudfront
x-amz-cf-id
M8WYnHVAjFMEIfYAp5r4ECWZ_yKHCRcxnK-m_84thI1CsqLn_x6r5w==
date
Sat, 07 Dec 2024 08:20:01 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
cache-control
max-age=172800
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
geoip
cmp.inmobi.com/
39 B
322 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-expose-headers
*
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
39
x-amz-cf-id
J9Ca11NhPJxG7yK3xbtlh35O4_hkreuipnMW7wijjO4o7P8MR7vFHw==
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
application/json
x-amz-cf-pop
MUC50-P3
server
CloudFront
favicon.ico
controlc.com/
663 B
1 KB
Other
General
Full URL
https://controlc.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782188de4d34d7278c4901be819c2f1c8115a48b5e36a61937b6f89596717a00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"5d82df5f-297"
age
5670
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7s5badltO%2BkVnBWDTKKxXqAf8AKMFJN9V3vOgom0FRm6ehHUexrcfSF68qibhmzuMCt2dWdHb%2F9c3ddz%2B7hf4RvdYmgWqJJ3UnB3YUzqyAYPPDx4ABjndKAdqky46cs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13637&min_rtt=6795&rtt_var=5636&sent=129&recv=87&lost=0&retrans=0&sent_bytes=123491&recv_bytes=28186&delivery_rate=50010&cwnd=45600&unsent_bytes=0&cid=b3bcecd42ceb0d8a&ts=537&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
image/x-icon
last-modified
Thu, 19 Sep 2019 01:52:31 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee5f47f1d929238-FRA
server
cloudflare
cmp-list.json
cmp.inmobi.com/GVL-v2/
20 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74bc93eb56ba3aecf4106eadc03b8bf93a9c316ca40362a79a691eca64fc5d50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"2d2e7eccf2dbbf62313a1eaab2787403"
age
49158
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
M6zN50ZPuQqmPKsm0Vd3Q1Y3Aa1zq4IcwRSxZxXWvRgwL0IGq4tbHw==
date
Sat, 07 Dec 2024 03:00:44 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sat, 07 Dec 2024 03:00:42 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
cmp2ui-en.js
cmp.inmobi.com/tcfv2/53/
296 KB
72 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d36878275fdebcd10c4e7b031c09a5e76999afea375eff8688bc6622b0b349b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
W/"ab9573d6ab1dc3230983376fffe35e48"
age
301
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
v2mfigZK5Pq3ICzO2_fP7v5IOaYF_hYOHc-FgiSOJYWoUorQzNgSKg==
date
Sat, 07 Dec 2024 16:35:00 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 14 Aug 2024 08:13:00 GMT
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/
616 KB
68 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d64f4128eea101a6966164cd3f2cf03e0100fbf762d0afa63f8e5509ee318595

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"80e79cad0b36c3e7369b2e71d433ccd8"
age
60039
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
kqAJAhxe_hu8E9AEqUbKjFg0UGz5adPuHmnWlZZiw02rPc_BaB9R6Q==
date
Fri, 06 Dec 2024 23:59:22 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 05 Dec 2024 23:59:16 GMT
cache-control
max-age=86400
access-control-allow-credentials
true
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
google-atp-list.json
cmp.inmobi.com/tcfv2/
140 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02783f81e6d5497e7efba350ba2a0cf3ab683ee711e2c6f6dc636b9ef6c32427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"45f51a68f17a056971afffb18ca38d60"
age
49176
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dS6N2KFokrJPXStq39Xu0-w-A3PsOJ89UzSJxH_eoihPBpSCrM53yg==
date
Sat, 07 Dec 2024 03:00:26 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sat, 07 Dec 2024 03:00:24 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22controlc.com%22%2C%22publisher%22%3A%22controlc.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22qabkgglAF%2B4l3S1wAA5ZzA%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1733589601242%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-xtzw56cqjhysiqihfyf6%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.248.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-248-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-allow-origin
*
content-length
2
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/
39 B
321 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-expose-headers
*
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
39
x-amz-cf-id
0-XCO7fCQJsGzfTPaLlAIezGp2xdrkWsj81LhVT4lrU-z1WMxN0jlQ==
date
Sat, 07 Dec 2024 16:40:01 GMT
content-type
application/json
x-amz-cf-pop
MUC50-P3
server
CloudFront

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
number| _sf_startpt
string| root_url
function| socialNetwork
function| socialNetworkTwitter
function| socialNetworkFacebook
function| socialNetworkOther
function| popPreview
function| embedCode
function| getARealBrowser
function| $
function| jQuery
object| freestar
function| gtag
object| dataLayer
object| _pubfigInstanceManagerConfig
object| googletag
object| fsprebid
object| fsprebidChunk
object| _pbjsGlobals
object| mnet
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
object| google_tag_manager
function| __tcfapi
function| __uspapi
object| gaGlobal
object| google_reactive_ads_global_state
object| regeneratorRuntime
function| __tcfapiui

4 Cookies

Domain/Path Name / Value
.controlc.com/ Name: cf_clearance
Value: 3cD8OApcqZttARrG1W9tXqaPwXnqGmxb7aD.ihN4ft4-1733589600-1.2.1.1-rSWfUMtm4nKB9IzerRmlQ4L270CwMa3pF34.7Zlp75BJ5BpwanGFBZRFyNYEZayuWVKyxTVk8MGzdYT6DdkHz.emZQqXLAGQulzD.iBBlNEw8fZHpDkLgCFhUPmZ_cU.I51zaT1AQMkSpzBP8PzGAnYj41jQVAqJGySAbilxm_Nx5NbLV0AKQFV4FfS_y8WQevuejvDtoIvWBwQXuJN3cI1HVGTK5XzGPkPmcDDrb73yhtu6NZxfwV5L75aabKzfXApFaOx8Izb6HC2kV_6HxoFh698jvba3YQbCBs9HbdQIIeKa8t.MenneLWe3hK3OTEd.HjHlvsmT6PrpegpLIR.pkQvAZ9wKbBAHBSce4ctEDqP9rU25jonB6jiTAKJG
.controlc.com/ Name: _ga_3KD3DPS4TE
Value: GS1.1.1733589601.1.0.1733589601.60.0.0
.controlc.com/ Name: _ga
Value: GA1.1.313352027.1733589601
.controlc.com/ Name: usprivacy
Value: 1N--

1 Console Messages

Source Level URL
Text
network error URL: https://controlc.com/e4d11035%20benign.exe
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
