urlscan.io logo urlscan.io
SecurityTrails logo

www.activecountermeasures.com Open in urlscan Pro
2606:4700:20::ac43:4605  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Submission: On October 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2606:4700:20::ac43:4605, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.activecountermeasures.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2020. Valid for: a year.
This is the only time www.activecountermeasures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700:20::ac43:4605 (United States)

ASN13335 (CLOUDFLARENET, US)
www.activecountermeasures.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.140.106 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-140-106.ams50.r.cloudfront.net
cdn-images.mailchimp.com
1    52.217.48.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    192.99.47.17 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: us4.heatmap.it
us4.heatmap.it
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
Domain Requested by
14 www.activecountermeasures.com www.activecountermeasures.com
6 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 u.heatmap.it www.activecountermeasures.com
u.heatmap.it
2 static.addtoany.com www.activecountermeasures.com
static.addtoany.com
2 fonts.googleapis.com www.activecountermeasures.com
1 s.w.org www.activecountermeasures.com
1 stats.g.doubleclick.net www.google-analytics.com
1 us4.heatmap.it www.activecountermeasures.com
1 s3.amazonaws.com www.activecountermeasures.com
1 cdn-images.mailchimp.com www.activecountermeasures.com
1 www.googletagmanager.com www.activecountermeasures.com
34 12
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-07 -
2021-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2020-06-28 -
2021-07-28		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2020-06-13 -
2022-06-26		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2019-12-19 -
2021-12-18		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Frame ID: AFC90DA0E5BF69C8F0D66BCB9C8133A5
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /addtoany\.com\/menu\/page\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

34
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

12
Subdomains

14
IPs

5
Countries

1748 kB
Transfer

4273 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.activecountermeasures.com/malware-of-the-day-backoff/ 		158 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4b6fde24816bd465802aa89b9b28266eaffabe98f0fcb95728796983e0d9f1

Request headers

:method
GET
:authority
www.activecountermeasures.com
:scheme
https
:path
/malware-of-the-day-backoff/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 02 Oct 2020 12:04:58 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dcd8cae07895af854e651d85b1ee0ac281601640297; expires=Sun, 01-Nov-20 12:04:57 GMT; path=/; domain=.activecountermeasures.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=j8scm6k6potshedjimd2enr8n4; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://www.activecountermeasures.com/wp-json/>; rel="https://api.w.org/" <https://www.activecountermeasures.com/wp-json/wp/v2/posts/9594>; rel="alternate"; type="application/json" <https://www.activecountermeasures.com/?p=9594>; rel=shortlink
x-tec-api-version
v1
x-tec-api-root
https://www.activecountermeasures.com/wp-json/tribe/events/v1/
x-tec-api-origin
https://www.activecountermeasures.com
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
058acc8d3a00006377e9a7c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5dbe49f5281b6377-FRA
content-encoding
br
autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
www.activecountermeasures.com/wp-content/cache/autoptimize/css/ 		1 MB
144 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-content/cache/autoptimize/css/autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a28e0d61e83ec1ff953a050134201219c05cd79893c08ae89d2f684fcbde19

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Sep 2020 13:30:03 GMT
server
cloudflare
age
1397
status
200
etag
W/"11e2a6-5b073c7cada52-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400, immutable
cf-ray
5dbe49f819216377-FRA
cf-request-id
058acc8f0a00006377e9a93200000001
css
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 11:51:54 GMT
server
ESF
date
Fri, 02 Oct 2020 12:04:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Oct 2020 12:04:58 GMT
jquery.js
www.activecountermeasures.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 May 2019 21:02:51 GMT
server
cloudflare
age
2218
status
200
etag
W/"17a69-5896c2c01a264-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5dbe49f819226377-FRA
cf-request-id
058acc8f0b00006377e9a94200000001
css
fonts.googleapis.com/ 		2 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 10:10:36 GMT
server
ESF
date
Fri, 02 Oct 2020 12:04:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Oct 2020 12:04:58 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114600606-1
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd9e2a9aadf38aec266764f24f81cd4e2b0241173e0e626cd395d7e6d5ecdd20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36641
x-xss-protection
0
expires
Fri, 02 Oct 2020 12:04:58 GMT
email-decode.min.js
www.activecountermeasures.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 01 Oct 2020 22:18:09 GMT
server
cloudflare
etag
W/"5f7655a1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5dbe49f8292d6377-FRA
cf-request-id
058acc8f1d00006377e9a95200000001
expires
Sun, 04 Oct 2020 12:04:58 GMT
lazysizes.min.js
www.activecountermeasures.com/wp-content/plugins/autoptimize/classes/external/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.7
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Aug 2020 20:52:26 GMT
server
cloudflare
age
2218
status
200
etag
W/"22ea-5adb9e17072d2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5dbe49f8e9716377-FRA
cf-request-id
058acc8f8f00006377e9a98200000001
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.140.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-140-106.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 01 Oct 2020 21:19:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2015 16:52:30 GMT
Server
AmazonS3
Age
53107
ETag
W/"ae0fc9b84c30cada1784022044962394"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS50-C1
X-Amz-Cf-Id
M02CUqsj5wzfKueQPxnZw1G0DUcO8ITnY5nugWGGQn5fY1jgbCS0kQ==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.48.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 12:04:59 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
21EE98917768B68F
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
AKgTxe9a8yBbOg99zJgi93t1eyrH41rHZcLBUVFRZyN4Ifh+WQKJs6g50BjA5BD/o/p9D2kZCZQ=
autoptimize_73a5140a6bda2578add16feb591c42a6.js
www.activecountermeasures.com/wp-content/cache/autoptimize/js/ 		554 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-content/cache/autoptimize/js/autoptimize_73a5140a6bda2578add16feb591c42a6.js
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d298ddc23d27516dc79383c87ced22c21cc95c2e902dee257cbe3e9a3c1f43bc

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Sep 2020 13:30:03 GMT
server
cloudflare
age
5490
status
200
etag
W/"8a6a2-5b073c7c9d0b0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, immutable
cf-ray
5dbe49f8e9726377-FRA
cf-request-id
058acc8f8f00006377e9a99200000001
wp-emoji-release.min.js
www.activecountermeasures.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Sep 2020 13:28:32 GMT
server
cloudflare
age
2218
status
200
etag
W/"37a6-5b073c2639111-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5dbe49f8e9736377-FRA
cf-request-id
058acc8f8f00006377e9a9a200000001
page.js
static.addtoany.com/menu/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba434fc97bd50c3dbbc144a6478975208320cc628cc8abeeaf43de56be9d4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
via
e4s
x-content-type-options
nosniff
cf-cache-status
HIT
age
142373
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058acc8f9f00001f4d8588c200000001
last-modified
Mon, 28 Sep 2020 20:29:39 GMT
server
cloudflare
etag
W/"146b1-5b0658698ee0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
5dbe49f8fbc71f4d-FRA
cf-bgj
minify
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 19:26:49 GMT
content-encoding
br
last-modified
Mon, 22 Jun 2020 07:05:45 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"5ef05849-6b2c"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
status
200
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10533
x-request-id
347570580
expires
Tue, 29 Sep 2020 20:26:50 GMT
truncated
/ 		80 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
febbfe40d892eab3f6026d5caca6e2497d1da721950ea5a59aa79f409a251d23

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
334b7fe988903b9fa4c52a0451524719e1d6cbda7eb977abee8905789df7c77a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7975b0de3dd3b400e358605c0b7b802b49b3b815ba312f7c6d03a457b33ffc9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8e76e7e8edb9f8c9c9862cdccdf9110bbc924e21f36b60b7f846fb7b1fa9cad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
acm_breadcrumb_nologo.png
www.activecountermeasures.com/wp-content/uploads/2019/06/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.activecountermeasures.com/wp-content/uploads/2019/06/acm_breadcrumb_nologo.png
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e984919f97a6b696e7a67f05cf8e0f619dbe82606d286bbfb9628c3e538c02fb

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
cf-cache-status
HIT
age
1397
status
200
content-length
57072
cf-request-id
058acc8f9700006377e9a9c200000001
last-modified
Wed, 05 Jun 2019 18:21:51 GMT
server
cloudflare
etag
"def0-58a97abd41138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbe49f8f9786377-FRA
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 11:04:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
349247
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Tue, 28 Sep 2021 11:04:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:06:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
356323
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 28 Sep 2021 09:06:15 GMT
iconsmind.woff
www.activecountermeasures.com/wp-content/plugins/keydesign-addon/assets/fonts/ 		1 MB
461 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-content/plugins/keydesign-addon/assets/fonts/iconsmind.woff
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/wp-content/cache/autoptimize/css/autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://www.activecountermeasures.com/wp-content/cache/autoptimize/css/autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Aug 2018 13:47:24 GMT
server
cloudflare
status
200
etag
W/"11f78c-573ca0861130a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5dbe49f919826377-FRA
cf-request-id
058acc8faa00006377e9a9e200000001
cf-bgj
h2pri
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 10:07:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
352674
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 28 Sep 2021 10:07:04 GMT
fontawesome-webfont.woff
www.activecountermeasures.com/wp-content/themes/etalon/core/assets/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.activecountermeasures.com/wp-content/themes/etalon/core/assets/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/wp-content/cache/autoptimize/css/autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://www.activecountermeasures.com/wp-content/cache/autoptimize/css/autoptimize_cd4482dc76e6e4184571a113b8fdd38b.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Aug 2018 13:46:14 GMT
server
cloudflare
status
200
etag
W/"17ee8-573ca042cb221"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5dbe49f919856377-FRA
cf-request-id
058acc8fac00006377e9a9f200000001
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:13:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
355886
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Tue, 28 Sep 2021 09:13:32 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:13:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
355914
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12680
x-xss-protection
0
expires
Tue, 28 Sep 2021 09:13:04 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.activecountermeasures.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&subset=latin&ver=1594673085
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:06:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
356321
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Tue, 28 Sep 2021 09:06:17 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f07a00bb5ad08f74e33047273e5a0b3777250ad99d76cf226c370a7039b8efa5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
acm_footer_back.png
www.activecountermeasures.com/wp-content/uploads/2019/02/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.activecountermeasures.com/wp-content/uploads/2019/02/acm_footer_back.png
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c726ef15bbad6f86b5d014841defb3210973edc715159a846f5277feac273b

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
cf-cache-status
HIT
age
1397
status
200
content-length
157281
cf-request-id
058acc900300006377e9aa4200000001
last-modified
Thu, 07 Feb 2019 22:12:30 GMT
server
cloudflare
etag
"26661-581552374b8ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbe49f999b16377-FRA
cf-bgj
h2pri
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
www.activecountermeasures.com.js
u.heatmap.it/conf/ 		43 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/www.activecountermeasures.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
17a275780967b9289f5e54d4daf209b42043883ec824d590fec8d30d7007b157

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
content-encoding
br
x-cacheable
Cacheable
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=60
x-cdn-pop
sbg
accept-ranges
bytes
x-request-id
292126826
expires
Fri, 02 Oct 2020 12:09:58 GMT
acm_header_logo.png
www.activecountermeasures.com/wp-content/uploads/2018/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.activecountermeasures.com/wp-content/uploads/2018/08/acm_header_logo.png
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed707990631a80c80793c5957c4e4a3e2e9f36f494a92522f54c0a9ddcaf29e

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
cf-cache-status
HIT
age
2730
status
200
content-length
10771
cf-request-id
058acc904500006377e9aa9200000001
last-modified
Wed, 22 Aug 2018 15:18:09 GMT
server
cloudflare
etag
"2a13-57407a66cd73a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbe49fa09e76377-FRA
cf-bgj
h2pri
blog_feature_malware_of_the_day.jpg
www.activecountermeasures.com/wp-content/uploads/2020/06/ 		265 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.activecountermeasures.com/wp-content/uploads/2020/06/blog_feature_malware_of_the_day.jpg
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b4d007d93040a47a49a0746ff5d4294ce57419e3e656be73798ea0b0a0c728

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
cf-cache-status
HIT
age
5490
status
200
content-length
271407
cf-request-id
058acc904600006377e9aaa200000001
last-modified
Mon, 22 Jun 2020 15:29:19 GMT
server
cloudflare
etag
"4242f-5a8ade80a75f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbe49fa09e86377-FRA
cf-bgj
h2pri
acm_footer_badge_w.png
www.activecountermeasures.com/wp-content/uploads/2019/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.activecountermeasures.com/wp-content/uploads/2019/04/acm_footer_badge_w.png
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2773db18c05cb0dadf97b88642a586521b87cf3d79c6793003b34a900b2a5e27

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
cf-cache-status
HIT
age
1397
status
200
content-length
2502
cf-request-id
058acc904600006377e9aab200000001
last-modified
Thu, 04 Apr 2019 17:58:32 GMT
server
cloudflare
etag
"9c6-585b81e4bd12e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbe49fa09e96377-FRA
cf-bgj
h2pri
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 12:04:58 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
age
3339968
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058acc904600001f4d8589b200000001
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
5dbe49fa0e471f4d-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114600606-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5478
date
Fri, 02 Oct 2020 10:33:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 02 Oct 2020 12:33:40 GMT
collect
www.google-analytics.com/j/ 		2 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=360328437&t=pageview&_s=1&dl=https%3A%2F%2Fwww.activecountermeasures.com%2Fmalware-of-the-day-backoff%2F&ul=en-us&de=UTF-8&dt=Malware%20of%20the%20Day%20-%20Backoff%20-%20Active%20Countermeasures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1396815688&gjid=135831452&cid=55140083.1601640299&tid=UA-114600606-1&_gid=1821572037.1601640299&_r=1&gtm=2ou9n1&z=1080318074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 12:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.activecountermeasures.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv
us4.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us4.heatmap.it/log/pv?pid=86586&u=https%3A%2F%2Fwww.activecountermeasures.com%2Fmalware-of-the-day-backoff%2F&tpl=.&pt=Malware%20of%20the%20Day%20-%20Backoff%20-%20Active%20Countermeasures&t=329677
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.99.47.17 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
us4.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 12:04:59 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 02 Oct 2020 12:04:58 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-114600606-1&cid=55140083.1601640299&jid=1396815688&gjid=135831452&_gid=1821572037.1601640299&_u=IEBAAUAAAAAAAC~&z=567127541
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 02 Oct 2020 12:04:58 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.activecountermeasures.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f60a.svg
s.w.org/images/core/emoji/13.0.0/svg/ 		1 KB
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/13.0.0/svg/1f60a.svg
Requested by
Host: www.activecountermeasures.com
URL: https://www.activecountermeasures.com/malware-of-the-day-backoff/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.activecountermeasures.com/malware-of-the-day-backoff/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 02 Oct 2020 12:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Jun 2020 17:45:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| cmtt_data object| tpbr_settings object| a2a_config function| setREVStartSize function| gtag object| dataLayer object| tribe_l10n_datatables object| lazySizesConfig object| twemoji object| wp object| lazySizes object| google_tag_manager object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default object| heatmap object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| color object| gaplugins object| gaGlobal object| gaData object| mc function| $mcj object| fnames object| ftypes object| ajaxsearchlite object| ASL string| sgpbPublicUrl object| SGPB_JS_LOCALIZATION object| SGPB_POPUP_PARAMS object| SGPB_JS_PACKAGES object| SGPB_JS_PARAMS object| CM_Tooltip undefined| oldgs object| punchgs object| _gsScope object| obj function| scrollEvent function| is_touch_device function| SGPopup function| PopupConfig function| sgAddEvent function| SGPBPopup function| SgpbEventListener object| jQuery112407956039005724571 undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue function| PhotoSwipe function| PhotoSwipeUI_Default function| SmoothScroll object| classie function| asl_SimpleBar object| _ASL number| SGPB_ORDER string| buttonElement number| viewportTop number| c2 number| c1 object| SGPB_SOUND

5 Cookies

Domain/Path Name / Value
.activecountermeasures.com/ Name: _gat_gtag_UA_114600606_1
Value: 1
.activecountermeasures.com/ Name: _ga
Value: GA1.2.55140083.1601640299
www.activecountermeasures.com/ Name: PHPSESSID
Value: j8scm6k6potshedjimd2enr8n4
.activecountermeasures.com/ Name: _gid
Value: GA1.2.1821572037.1601640299
.activecountermeasures.com/ Name: __cfduid
Value: dcd8cae07895af854e651d85b1ee0ac281601640297

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
fonts.googleapis.com
fonts.gstatic.com
s.w.org
s3.amazonaws.com
static.addtoany.com
stats.g.doubleclick.net
u.heatmap.it
us4.heatmap.it
www.activecountermeasures.com
www.google-analytics.com
www.googletagmanager.com
192.0.77.48
192.99.47.17
2606:4700:10::6816:46c5
2606:4700:20::ac43:4605
2a00:1450:4001:801::200a
2a00:1450:4001:809::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c07::9c
46.105.202.39
52.217.48.238
52.222.140.106
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
17a275780967b9289f5e54d4daf209b42043883ec824d590fec8d30d7007b157
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2773db18c05cb0dadf97b88642a586521b87cf3d79c6793003b34a900b2a5e27
334b7fe988903b9fa4c52a0451524719e1d6cbda7eb977abee8905789df7c77a
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7
5b4b6fde24816bd465802aa89b9b28266eaffabe98f0fcb95728796983e0d9f1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
7ba434fc97bd50c3dbbc144a6478975208320cc628cc8abeeaf43de56be9d4af
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
9ed707990631a80c80793c5957c4e4a3e2e9f36f494a92522f54c0a9ddcaf29e
a7975b0de3dd3b400e358605c0b7b802b49b3b815ba312f7c6d03a457b33ffc9
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a8e76e7e8edb9f8c9c9862cdccdf9110bbc924e21f36b60b7f846fb7b1fa9cad
a9b4d007d93040a47a49a0746ff5d4294ce57419e3e656be73798ea0b0a0c728
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b9a28e0d61e83ec1ff953a050134201219c05cd79893c08ae89d2f684fcbde19
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e
c6c726ef15bbad6f86b5d014841defb3210973edc715159a846f5277feac273b
cd9e2a9aadf38aec266764f24f81cd4e2b0241173e0e626cd395d7e6d5ecdd20
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d298ddc23d27516dc79383c87ced22c21cc95c2e902dee257cbe3e9a3c1f43bc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e984919f97a6b696e7a67f05cf8e0f619dbe82606d286bbfb9628c3e538c02fb
f07a00bb5ad08f74e33047273e5a0b3777250ad99d76cf226c370a7039b8efa5
febbfe40d892eab3f6026d5caca6e2497d1da721950ea5a59aa79f409a251d23