www.intezer.com Open in urlscan Pro
199.16.172.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files'
Effective URL:
https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Submission: On December 08 via api (December 8th 2021, 5:58:44 pm UTC) from US — Scanned from DE

Summary HTTP 349 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 28 domains to perform 349 HTTP transactions. The main IP is 199.16.172.82, located in United States and belongs to AUTOMATTIC, US. The main domain is www.intezer.com.
TLS certificate: Issued by R3 on October 19th 2021. Valid for: 3 months.

This is the only time www.intezer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	199.16.172.82 199.16.172.82	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
7	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
64	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
52	2606:4700:303... 2606:4700:3033::ac43:d23b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	54.91.60.31 54.91.60.31	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.22.91 13.32.22.91	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.22.63 13.32.22.63	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	143.204.209.120 143.204.209.120	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.76.144.107 54.76.144.107	16509 (AMAZON-02) (AMAZON-02)
1	52.215.195.159 52.215.195.159	16509 (AMAZON-02) (AMAZON-02)
349	34

11 199.16.172.82 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.intezer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149520725.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:3033::ac43:d23b (United States)

ASN13335 (CLOUDFLARENET, US)

gate.rapidsec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.91.60.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-60-31.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:22::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-120.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.144.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.195.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-195-159.eu-west-1.compute.amazonaws.com

ws16.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	pressablecdn.com 149520725.v2.pressablecdn.com	888 KB
52	rapidsec.net gate.rapidsec.net	26 KB
11	intezer.com 1 redirects www.intezer.com	61 KB
9	wp.com c0.wp.com stats.wp.com pixel.wp.com	33 KB
8	google.com www.google.com	37 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	344 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws16.hotjar.com	65 KB
4	hubspot.com api.hubspot.com track.hubspot.com forms.hubspot.com	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	google.de www.google.de	782 B
4	google-analytics.com www.google-analytics.com	57 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	googleapis.com fonts.googleapis.com	4 KB
2	t.co t.co	594 B
2	twitter.com analytics.twitter.com	915 B
2	gaug.es secure.gaug.es	4 KB
2	addtoany.com static.addtoany.com	59 KB
2	googleadservices.com www.googleadservices.com	32 KB
2	hs-scripts.com js.hs-scripts.com	2 KB
2	facebook.net connect.facebook.net	113 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	usemessages.com js.usemessages.com	21 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	googletagmanager.com www.googletagmanager.com	67 KB
0	g2crowd.com Failed tracking.g2crowd.com Failed
349	28

	Domain	Requested by
64	149520725.v2.pressablecdn.com	www.intezer.com 149520725.v2.pressablecdn.com
52	gate.rapidsec.net	www.intezer.com static.addtoany.com 149520725.v2.pressablecdn.com static.hotjar.com www.google-analytics.com js.usemessages.com script.hotjar.com js.hs-banner.com js.hsleadflows.net
11	www.intezer.com	1 redirects www.intezer.com 149520725.v2.pressablecdn.com
8	www.google.com	www.intezer.com www.gstatic.com www.google.com
7	c0.wp.com	www.intezer.com
4	www.google.de	www.intezer.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.intezer.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	fonts.googleapis.com	www.intezer.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.co	www.intezer.com
2	analytics.twitter.com	static.ads-twitter.com
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	www.googleadservices.com
2	secure.gaug.es	www.intezer.com
2	static.addtoany.com	www.intezer.com static.addtoany.com
2	www.googleadservices.com	www.intezer.com www.googletagmanager.com
2	js.hs-scripts.com	www.intezer.com
2	connect.facebook.net	www.intezer.com connect.facebook.net
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	ws16.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.intezer.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	pixel.wp.com	www.intezer.com
1	stats.wp.com	www.intezer.com
1	www.googletagmanager.com	www.intezer.com
0	tracking.g2crowd.com Failed	www.intezer.com
349	40

This site contains links to these domains. Also see Links.

Domain
analyze.intezer.com
support.intezer.com
protect.intezer.com
github.com
www.fireeye.com
blog.talosintelligence.com
www.welivesecurity.com
blogs.jpcert.or.jp
twitter.com
www.youtube.com
www.facebook.com
www.linkedin.com
www.addtoany.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-17` - `2021-12-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Frame ID: 91CCF326E9CA3AEAB8520F042ADAD64C
Requests: 341 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&co=aHR0cHM6Ly93d3cuaW50ZXplci5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=il30ckwryvng
Frame ID: EF055A2B0CD90C21EE478A0F1ADA05B0
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: BDCFF788F3503A9076A415F1191868F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Teaching Capa New Tricks: Analyzing Capabilities in PE and ELF Files

Page URL History Show full URLs

https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files' HTTP 301
https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Page URL

Page Statistics

349
Requests

56 %
HTTPS

57 %
IPv6

28
Domains

40
Subdomains

34
IPs

4
Countries

1948 kB
Transfer

5652 kB
Size

32
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://analyze.intezer.com/?_gl=1*1pgz7dk*_gcl_aw*R0NMLjE2MzMwMzI1ODkuQ2owS0NRand3TldLQmhEQUFSSXNBSjhIa2hjMUsxYzg5MXJyZzhKVU5sdmVUM2c1b0tBdUE1Q3g5MUhHVXctTDJCb3Y4X0owLTR6OF8zb2FBaFRERUFMd193Y0I.
Title: analyze.intezer.com

Search URL Search Domain Scan URL

URL: https://support.intezer.com/hc/en-us
Title: Docs

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/?utm_campaign=login-btn&utm_source=intezer
Title: Log In

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/
Title: Get Started for Free

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/create-account
Title: Get Started

Search URL Search Domain Scan URL

URL: https://protect.intezer.com/signup
Title: Get Started

Search URL Search Domain Scan URL

URL: https://github.com/fireeye/capa
Title: capa

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2021/09/elfant-in-the-room-capa-v3.html
Title: submitted the changes

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/files/3e27b6b287f0b9f7e85bfe18901d961110ae969d58b44af15b1d75be749022c2
Title: 3e27b6b287f0b9f7e85bfe18901d961110ae969d58b44af15b1d75be749022c2

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/02/olympic-destroyer.html
Title: report

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/files/8444b820e7d6c09d668b9698c9f62a655804da3729499432d63bde3a8d7041a9
Title: <img loading="lazy" src="https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/Untitled.png" alt="" width="1834" height="612" />

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2017/06/30/telebots-back-supply-chain-attacks-against-ukraine/
Title: report

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/files/0423258b94e8a9af58ad63ea493818618de2d8c60cf75ec7980edcaa34dcc919
Title: <img loading="lazy" src="https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/Untitled-4.png" alt="" width="1284" height="919" />

Search URL Search Domain Scan URL

URL: https://blogs.jpcert.or.jp/en/2020/03/elf-tscookie.html
Title: reported

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/files/62840976ab695211447b47ea4555ae665c7039c74a3f2167d660a85283eae86b
Title: <img loading="lazy" src="https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/Untitled-5.png" alt="" width="818" height="648" />

Search URL Search Domain Scan URL

URL: https://github.com/intezer
Title: released some of our own

Search URL Search Domain Scan URL

URL: https://twitter.com/joakimkennedy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCt5L5ztHh-C1NCKa6bKjXFQ?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IntezerLabs/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/intezer-labs

Search URL Search Domain Scan URL

URL: https://twitter.com/intezerlabs

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files' HTTP 301
https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 294

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1327356%26time%3D1638986318071%26url%3Dhttps%253A%252F%252Fwww.intezer.com%252Fblog%252Fmalware-analysis%252Fanalyzing-capabilities-in-PE-and-ELF-files%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true&e_ipv6=AQKEQvrwotKjHAAAAX2bMoX1snK3D9FlXXRwDPhhmgGXaO1WPs9AiVgktgKI2XJLqcVw1OzNzg

349 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Redirect Chain

https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files'
https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

141 KB
29 KB

838ms
837ms

Document
text/html

199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1f9ae0087c0c2abfd7af5d258ba60b0335bfd3e46747242855a921d1566df6bc

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce

Strict-Transport-Security

max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 08 Dec 2021 17:58:37 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Pressable
content-security-policy-report-only: frame-ancestors 'self' https://www.intezer.com/ http://www.intezer.com/; block-all-mixed-content; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://*.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://*.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/; style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://*.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://*.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/; object-src 'none'; frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://*.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://*.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/; child-src https://www.intezer.com/; img-src 'self'; font-src 'self'; connect-src 'self'; manifest-src 'self'; base-uri https://www.intezer.com/; form-action 'self' https://*.twitter.com/; media-src 'self'; prefetch-src 'self'; worker-src https://www.intezer.com/; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report
content-security-policy: frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
link: <https://www.intezer.com/wp-json/>; rel="https://api.w.org/" <https://www.intezer.com/wp-json/wp/v2/posts/21121>; rel="alternate"; type="application/json" <https://www.intezer.com/?p=21121>; rel=shortlink
last-modified: Wed, 08 Dec 2021 17:58:37 GMT
cache-control: max-age=300, must-revalidate
x-nananana: Batcache-Set
content-encoding: br
x-ac: 2.hhn _atomic_ams

Redirect headers

server: nginx
date: Wed, 08 Dec 2021 17:58:37 GMT
content-type: text/html; charset=UTF-8
location: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
strict-transport-security: max-age=31536000
host-header: Pressable
content-security-policy-report-only: frame-ancestors 'self' https://www.intezer.com/ http://www.intezer.com/; block-all-mixed-content; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://*.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://*.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/; style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://*.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://*.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/; object-src 'none'; frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://*.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://*.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/; child-src https://www.intezer.com/; img-src 'self'; font-src 'self'; connect-src 'self'; manifest-src 'self'; base-uri https://www.intezer.com/; form-action 'self' https://*.twitter.com/; media-src 'self'; prefetch-src 'self'; worker-src https://www.intezer.com/; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report
content-security-policy: frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
vary: Cookie
expires: Wed, 08 Dec 2021 18:58:37 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-ac: 2.hhn _atomic_ams

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 51ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 16:25:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 17:58:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/ 79 KB
10 KB 25ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 11 KB
2 KB 25ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 4 KB
1 KB 25ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 styles.css
149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 37ms
8ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 31 Oct 2021 06:17:54 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/contact-form-7/includes/css/styles.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.css
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/ 187 KB
20 KB 38ms
9ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/bootstrap.css?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c40a0cdd5ab5dcc4da78066f70839808bb4ee8fb2f3360dec64fde438770b099

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:39 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/css/bootstrap.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/ 30 KB
7 KB 38ms
9ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/font-awesome.min.css?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/css/font-awesome.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/ 186 KB
36 KB 56ms
28ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bfb6b73b537f16c7f6305f29ab5062da25c8cd88522569bef369b59a9e2d0058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 06 Dec 2021 17:01:49 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/style.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.basic.css
149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/css/ 17 KB
3 KB 38ms
9ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.9.5

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8e1d3542f4ea0a232b64a279e38b4cc9d666ae94a91abd25fff1a165194322cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 14 Nov 2021 10:09:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/ajax-search-lite/css/style.basic.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-curvy-blue.css
149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 38ms
9ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.9.5

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2f43834f6edfa66b7a0fdc9d6e2178047a399d6e5e5caec34af8212a65973a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 14 Nov 2021 10:09:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.css
149520725.v2.pressablecdn.com/wp-content/plugins/simple-lightbox/client/css/ 232 B
367 B 38ms
10ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 06:28:43 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/plugins/simple-lightbox/client/css/app.css>; rel="canonical"
content-length: 232
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
149520725.v2.pressablecdn.com/wp-content/plugins/add-to-any/ 1 KB
525 B 38ms
10ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 06:37:42 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/add-to-any/addtoany.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149520725.v2.pressablecdn.com/wp-content/plugins/cf7-conditional-fields/ 2 KB
585 B 45ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.0.7

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 31 Oct 2021 06:17:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/cf7-conditional-fields/style.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jetpack.css
149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/css/ 85 KB
17 KB 45ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.5-a.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

128718f78add9d7810ffd6ced5e7825bcec9d13e9d725125640c2746417f72d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/jetpack/css/jetpack.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/ 85 KB
29 KB 45ms
18ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/add-to-any/ 129 B
248 B 45ms
18ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Thu, 07 Oct 2021 06:37:42 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/plugins/add-to-any/addtoany.min.js>; rel="canonical"
content-length: 129
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 47ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 17:51:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 17:58:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 /
www.intezer.com/ 6 KB
5 KB 29ms
29ms Stylesheet
text/css 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/?custom-css=79c8f516d6

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79adde0dc23cba461e09967e3ceaa077a56e717d1eb2d4f1273a2e8d0f7ccf7c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nananana: Batcache-Hit
strict-transport-security: max-age=31536000
content-encoding: br
vary: Accept-Encoding, Cookie
last-modified: Wed, 08 Dec 2021 17:58:26 GMT
server: nginx
date: Wed, 08 Dec 2021 17:58:38 GMT
content-security-policy-report-only: frame-ancestors 'self' https://www.intezer.com/ http://www.intezer.com/; block-all-mixed-content; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://*.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://*.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/; style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://*.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://*.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/; object-src 'none'; frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://*.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://*.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/; child-src https://www.intezer.com/; img-src 'self'; font-src 'self'; connect-src 'self'; manifest-src 'self'; base-uri https://www.intezer.com/; form-action 'self' https://*.twitter.com/; media-src 'self'; prefetch-src 'self'; worker-src https://www.intezer.com/; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report
content-type: text/css;charset=utf-8
cache-control: max-age=288, must-revalidate
content-security-policy: frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
x-ac: 2.hhn _atomic_ams
host-header: Pressable
expires: Thu, 08 Dec 2022 17:58:26 GMT

GET
H2 200 search-ico.png
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/ 507 B
682 B 38ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/search-ico.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

452d513b1ef9c6cb1afbe50a84b02c065daf5f3f459c556fbbbd6daa7fe15bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:22:48 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/images/search-ico.png>; rel="canonical"
content-length: 507
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 intezer-logo-n.png
149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/ 3 KB
4 KB 37ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/intezer-logo-n.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e85052e09a7415a2ab775cc198a96dc956d9de42b90541a5cdc9c5c176725745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:09:13 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2020/05/intezer-logo-n.png>; rel="canonical"
content-length: 3525
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 logo-analize-logo-trans-ozsmvqchu4xq3efimwjdhr1x8rgjihbqxejnle9j9u.png
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/ 3 KB
3 KB 37ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/logo-analize-logo-trans-ozsmvqchu4xq3efimwjdhr1x8rgjihbqxejnle9j9u.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af2e2283ffc4d9ca0e8be05032a6e2d7fe7daa868ad02fa1f61fc648e08336b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Wed, 24 Feb 2021 10:19:00 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/elementor/thumbs/logo-analize-logo-trans-ozsmvqchu4xq3efimwjdhr1x8rgjihbqxejnle9j9u.png>; rel="canonical"
content-length: 2781
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 protect-logo-ozsn131er69i7gnmdptw6wff0r2scfkpzwa6z4btua.png
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/ 4 KB
4 KB 37ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/protect-logo-ozsn131er69i7gnmdptw6wff0r2scfkpzwa6z4btua.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bb434f0328d6d816d30aa942a808091339df83946b3be1e3ef476873cf83d8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:10:02 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/elementor/thumbs/protect-logo-ozsn131er69i7gnmdptw6wff0r2scfkpzwa6z4btua.png>; rel="canonical"
content-length: 3836
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
681 B 158ms
127ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHLSnmkbocnKWbQVE9ZbhDPgIkUJQ0FMxjaYR3T4oFQ8k3rs%2F0YujJ2nyIHbFe4FCxVNdMYc%2FP8ycMNTvEtHMW45SXIuvl5WpBpz8HwNK60XCjGjhHXCByXCmQyejYBF6qThGnNDxMcqhRKTmDhYGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e207c953dfbf-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
67 KB 88ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KC95766

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e16a7694be76ee0a77cc181a2dc0e014793b78e8ffe840853b63e7d39c41c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67936
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Dec 2021 17:58:38 GMT

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
273 B 475ms
445ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tdf2S6AkgcNMrlTy7FPhOklzK5tYlLWdGDGN3v75ns9687a8LDlLsj1KFs53YAYccui2sO%2F4pbjpD%2F3Gfmq7yX5ARGEZsujuLbt5t%2B5wKSQrstQvWSHpL1zGdt543u2DwH6RDhi3%2Ba%2B5Y%2B4SgKpBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e207c956dfbf-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 49ms
4ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 2cSDVsd7Ar6X5fshslCfam/lbhBxQf8OWc3JuIGszrxQbLAwdlqX33sPvHMp81UbL6ppq2sSu1YvKlvlqhMwvw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Dec 2021 17:58:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.intezer.com/wp-includes/js/ 18 KB
5 KB 43ms
15ms Script
application/javascript 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-includes/js/wp-emoji-release.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
276 B 484ms
472ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXJjgLT4%2FWnWhf%2Bw6zBooROc0hK3uGjPJiAc1Lff8%2BEHPd5rL5vTeWMYw3E1r1Y1cQJ8kIlqzSimLWfZKG1apc0u%2F6Wtk0xjxXJLONMcEY8of%2BsmT2FUuoQjCoUbd0n%2BeRAdnxDh1ZIR7%2B7VWlxRSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e207c957dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
270 B 144ms
135ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FRMtp%2B3x%2FifyyQLoF757exKvNx9Lwwiq8Dq2cKE7QRMQURiF6cI1HOwoXfcSqYjdolqUdmkSqi9mpeyOLk9uLRKfepFyA8uAX1RYMiMGnIrozoYMnGx3ahKWS88n07FiXi68P%2F6sKOlVlJ3aQ1YpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e207c959dfbf-FRA

GET
H2 200 headshot-scaled-e1607466945157-60x60.jpg
149520725.v2.pressablecdn.com/wp-content/uploads/2020/12/ 4 KB
5 KB 37ms
9ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/12/headshot-scaled-e1607466945157-60x60.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4f1c2d97c5d6d3a6d9a08fbe3b8e377acc08da746921dad92e17248ca55cb14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:14:47 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2020/12/headshot-scaled-e1607466945157-60x60.jpg>; rel="canonical"
content-length: 4516
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 BlogImage1024x475-1-1270x475.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/ 228 KB
228 KB 37ms
9ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/BlogImage1024x475-1-1270x475.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0e84403e2c319f7984d4c4411adb0b373cab26ec5c48f8b086c93493b8f7e9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Wed, 15 Sep 2021 13:02:26 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/09/BlogImage1024x475-1-1270x475.png>; rel="canonical"
content-length: 233198
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 facebook.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 510 B
555 B 53ms
25ms Image
image/png 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/facebook.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

65a52f6e516f0c632596218b193336646905690934acda722c840c621d7e56d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:23:29 GMT
server: nginx
etag: "5fd5c171-1fe"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 510
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 twitter.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 428 B
510 B 41ms
13ms Image
image/png 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/twitter.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

161dab58676b279f43addcbc3f800ac11276f20f15866ba7f7b5c60bc01b065b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:23:29 GMT
server: nginx
etag: "5fd5c171-1ac"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 428
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 linkedin.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 576 B
645 B 52ms
24ms Image
image/png 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/linkedin.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

534708b43bc02cb8910f2c21a92047c6590f02ff62fee2f2b328fbb3839e7e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:23:30 GMT
server: nginx
etag: "5fd5c172-240"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 576
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 BlogImage1024x475-2-253x139.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/08/ 517 B
686 B 37ms
9ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/08/BlogImage1024x475-2-253x139.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0da3929b414164597d004fc209242e5b82ccbe9c0f18b97631a671890e0d6741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Wed, 10 Nov 2021 18:08:22 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/08/BlogImage1024x475-2-253x139.png>; rel="canonical"
content-length: 517
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 GoReport_Twitter_1024x475_v3-253x139.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 24 KB
24 KB 37ms
9ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6b558ee3b6b5c5f0f6524a87e94b3670eae8bcb4d56b88aceb8cc85391434dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 25 Feb 2021 15:44:54 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png>; rel="canonical"
content-length: 24154
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 mwrpic-253x139.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/11/ 2 KB
2 KB 37ms
9ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/11/mwrpic-253x139.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

848042aa4c2670894f53b5d21fd6b95c8240b027be7e19e318dcafb601ee06a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 18 Nov 2021 15:01:20 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/11/mwrpic-253x139.png>; rel="canonical"
content-length: 2106
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 owl.carousel.min.css
www.intezer.com/wp-content/themes/intezer-v2/css/ 3 KB
973 B 20ms
20ms Stylesheet
text/css 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/css/owl.carousel.min.css

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:34 GMT
server: nginx
etag: W/"5fd5c0fe-b78"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 owl.carousel.min.js Show response
www.intezer.com/wp-content/themes/intezer-v2/js/ 42 KB
11 KB 22ms
22ms Script
application/javascript 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/js/owl.carousel.min.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:10 GMT
server: nginx
etag: W/"5fd5c0e6-a70e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 intezer-logo-b.png
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/ 3 KB
4 KB 37ms
10ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/intezer-logo-b.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e85052e09a7415a2ab775cc198a96dc956d9de42b90541a5cdc9c5c176725745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:22:31 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/images/intezer-logo-b.png>; rel="canonical"
content-length: 3525
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 custom-frontend-legacy.min.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 4 KB
585 B 8ms
1ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/custom-frontend-legacy.min.css?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1c0dff01d02a09a4b563a62de4f823250acdd270670f95e3a9d15c3c52be3969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:50 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/custom-frontend-legacy.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom-frontend.min.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 128 KB
16 KB 14ms
2ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1637134910

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0aaaf304996998b3e7e16f798ec86708fe2a732ddf2c789027fce8ebff2a2bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:41:50 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/custom-frontend.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-16929.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 8 KB
1 KB 14ms
2ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/post-16929.css?ver=1637134911

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97cb87565038e71df0d9951c53544ccb188f88ca705463c6101926b68bdef32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:41:51 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/post-16929.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-17075.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 10 KB
1 KB 14ms
2ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/post-17075.css?ver=1637134911

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4135b9ba8f2a5dad50910bff31b4fd8d03ba28d90f77d307bf8d394116d00a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:41:51 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/post-17075.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elementor-icons.min.css
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 18 KB
4 KB 15ms
3ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 07:47:51 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-8921.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 1 KB
460 B 18ms
1ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/post-8921.css?ver=1637134912

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0c58687b5364ec205f8c31b0f4a3635c2db5fdb252b7e8b3ee904b90b046bd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:41:52 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/post-8921.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom-pro-frontend.min.css
149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/ 321 KB
32 KB 19ms
1ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1637134912

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0e99a9244d7c3de897fc25d4e3786edc2eb29556e8c218fa81ff44f4d9641417

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:41:52 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animations.min.css
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 19ms
2ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 29ms
6ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 17:42:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 17:58:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 6 KB
2 KB 20ms
0ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 16 KB
6 KB 20ms
0ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 index.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 19ms
2ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 31 Oct 2021 06:17:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/contact-form-7/includes/js/index.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dynamic-conditions-public.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/dynamicconditions/Public/js/ 2 KB
783 B 19ms
2ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/dynamicconditions/Public/js/dynamic-conditions-public.js?ver=1.5.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

751d5192326ddefce3e87157f7c9355217cdad7b4a969b5dd3161b4453671389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 11 Apr 2021 14:39:29 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/dynamicconditions/Public/js/dynamic-conditions-public.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5492986.js Show response
js.hs-scripts.com/ 2 KB
1008 B 191ms
146ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5492986.js?integration=WordPress
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c19e2bb4b5df58d2bdc0ea41b4b9e8fc826bb9fe5ec100a8a8fe0b66f564c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 80e9a2aa-9e23-44ad-81f5-26479a819442
last-modified: Wed, 08 Dec 2021 17:43:55 GMT
server: cloudflare
x-trace: 2B0D8C114E1CAD5125F3FE38C8C4A142920B5790BD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.intezer.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ba7e2086d10c286-FRA
expires: Wed, 08 Dec 2021 17:59:38 GMT

GET
H2 200 tether.min.js Show response
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/ 24 KB
7 KB 19ms
2ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/tether.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/js/tether.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/ 46 KB
11 KB 19ms
2ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/bootstrap.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 13 Dec 2020 07:21:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/js/bootstrap.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/ 14 KB
2 KB 23ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/main.js?ver=0aeebf0e297002559f8cf4ab5cad896d

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e22eaf5ba4db871d099871b16d9c1ae2e657b50d0b94014e168c6156808a280e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 15:54:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/themes/intezer-v2/js/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/dist/ 5 KB
2 KB 20ms
0ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/dist/hooks.min.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 jquery.ajaxsearchlite.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/js/min/ 73 KB
19 KB 24ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js?ver=4.9.5

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0a1af4d6495079c1a02bbd0f55a3d04fcf7835f66495f4ff7824531e1e715ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 14 Nov 2021 10:09:58 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intersection-observer.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=2d4bf43f398489795f1893179047a63c

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Tue, 30 Nov 2021 17:16:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-images.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=1c8bb5930b723e669774487342a8fa98

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Tue, 30 Nov 2021 17:16:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/cf7-conditional-fields/js/ 132 KB
30 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.0.7

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

65f5e116b152127853bcceef2864070a979cfac6f9fac3a6a3800709db4d809c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 31 Oct 2021 06:17:44 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 68ms
18ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&ver=3.0

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8d3af41050b28a394367164271f7468518681ce3c2409fbfea04f8865fffa7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 index.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
529 B 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Sun, 31 Oct 2021 06:17:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

efbe1f9113f1707d25db78c96b43862a85f06385fb5b85eb9be2858ccbd52e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack.runtime.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-modules.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/ 14 KB
4 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/ 20 KB
5 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8f6c37b21f453721dffa0212085879cfe42fb85a334dccff0e0ad2f71fa4835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 waypoints.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 07:47:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/ 20 KB
6 KB 28ms
0ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:58:38 GMT

GET
H2 200 swiper.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
33 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 07:47:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 share-link.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dialog.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
3 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 07:47:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/ 36 KB
10 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/js/frontend.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/ 126 KB
28 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.5.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fceeff59afa5feab1b7bba6d098735b5a6a4807fbaf3984a78ea58aa5d85b964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-modules.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/ 32 KB
9 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky.min.js Show response
149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 25ms
0ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.5.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:37:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://www.intezer.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202149.js Show response
stats.wp.com/ 9 KB
3 KB 50ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202149.js
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 28 Nov 2022 01:11:56 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 77ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17610
x-xss-protection: 0
server: cafe
etag: 5620577396173936331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 5492986.js Show response
js.hs-scripts.com/ 2 KB
713 B 154ms
153ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5492986.js
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c19e2bb4b5df58d2bdc0ea41b4b9e8fc826bb9fe5ec100a8a8fe0b66f564c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 79def777-e29d-4948-b582-3db4838207f4
last-modified: Wed, 08 Dec 2021 17:56:07 GMT
server: cloudflare
x-trace: 2B0136264BC4BB976B747769C33E6E43B3F1F883D5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.intezer.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ba7e2086d1cc286-FRA
expires: Wed, 08 Dec 2021 17:59:38 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 59ms
25ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 120892
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6ba7e208ae450609-FRA
cf-bgj: minify

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
270 B 446ms
445ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQmPO5ufIFWnrmAy0k1p372PLsUhx%2BakZweod9T84%2FTeVdhph4Wm8mnF4uJr4T1tqkNFuDcJqxk1jqvaKg30SRmQVjN2Q4rfsqrj4UHNzCascM0WXyaZeF%2FSJFYp4yVQW1zkZmdaDQgis2l5RSbk0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809acdfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
274 B 413ms
412ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmC5oFck953BAUb1VT7VSL1qqeXCGJvFklekYSON8nRdatp0HcUU1JpOs5ZIYivJGSqZa%2Bte9%2F2h28wa46XWiE2iYlU9HoMH74mbrUhRji%2BH8cx%2FpGXvQavzWD%2Flcc9umAle8MKzgZ9Sr%2B375VHMLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809aedfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
278 B 418ms
418ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpVI6e3IMoCD36yKOFuG%2FfStr0PM6Y9EDbN%2Bgh1qW5IwBGYmPSxtls060nWh21LobLKTOXZ4kRJ0PJYJvjr5chJya%2B%2FnDWWYU93AQb%2Fq%2Fw8Bnes2ghqQ76tuIQJQ%2F2GQWLXi6m5lPW1N1sVk%2BCRdyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809b4dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
274 B 417ms
417ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqS1nGCWj8B50t1ijuoFVZAeyh4rZmvAnA66qGUFdok4V70FMmVbZvS%2FXxhtFuXlXADe6%2BaZKdLK5DhrfXYiB1uKDaz0XgpdQlzLatVXxx6hgf96fnd%2BvjB%2BqReXMhtB8AtpJN%2FuB4rgqV3WRfnkeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809b8dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
275 B 440ms
440ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zME9QvaZ9Ye0ZW4Z3IFWkdNu2XNeIXvHj6AfCMU%2BE%2BN9I8EO8E1HbpIFSQzlIE9BfXQPEJqMoGyux0%2F7ZIwat7AM%2F9hNkaThKB9fjeJLf5a6giydc40UHcI4rR7MOmdwUSbO8Pygt3tymyI%2BBvcDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809bbdfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
275 B 409ms
409ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kc18kbtbPg84sT8IExYtAutVIARSow%2BOOI7GB9JO5L8L1oVhk71QoVLrngDB1LKNMnsGoKdlEhla%2Bxsq%2FHeYzZQEmyQZeS%2BnV0octIxNCkoXARVOUhVrUaIcc%2F9yNlqmDFiXRti0mMBDBbC%2FEEYpjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20809bddfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
670 B 418ms
395ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cpb7Bqj5K6g%2BXBNq5r%2BnHJkWhEUUFct5c%2FeQcUuepOfDAqqEX8zeZZeRKP2VokLOXQKNdpr3d3dlicYSQQx%2B3jP4QlAmWDnhW6um7MuECkE%2B2odm6MaHX%2BqOxTBJZwNSfjPzDgX3pTvs6aeUROzBWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839f2dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
279 B 418ms
396ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Es0YK%2BLs7yx0qNhxWZtX3HjGUEtXiTye25C%2B22rGQ6eENFc%2Ft0%2FPk4vC1A%2BlFXljzkMECjeHrXBdPDgwGPMMNT6FKj57AqQwbXcBD8MQ%2BiuobwIxstqNHNL%2FBRAqfFdzuqh6RRRzfYXLMuTx3swxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839f5dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
275 B 446ms
424ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNZoA0kUwP3d9hvBxBW6AwblHplD8y8OGLOHM6J2yjD5oqvtED0nCHKKBSZQb5pWycDhfD2gUWpyrR%2B37AGfwqGip%2Br%2Bgq5gHOQXhNcMAlEQSEsqZrIciZr2OjuMAoG78R%2FXaALmjEP%2F106zfSCDmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839fadfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
272 B 486ms
465ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbWy7nnZKXHVNtdqan3G1Lbxhgs98BB41OREPoZgrHJlsZ7bZ1HAOPL9FXyxtrSkGC3bugYr8b00mrvFn8ENEBneKlhKEmfxAZYJEo3cUKIgThRSlKal0gOV%2FoU08YEp4NHxm4%2Bc4LsM4g%2F0f%2BlgrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839fbdfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
272 B 138ms
116ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBZSwXD8TyEyQhms1csOIv2fxniIuvDwfe2AR%2BcN041O30iPeb1NFi4%2Bq5jjQQ8CFe1tJFVzpWAut7DV5b%2BtgvmZDhZkjvuNtHv6g18Gqt6HNLZaBiDmwvxVhMzYUezRWRUMlBK3VhG48l%2BLEzogbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839fedfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
666 B 454ms
433ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUasM2BWbLxgSqtKbqkFQ5HiL4Mxs%2Fo9OBHDclV2gsAsxZyFjGT7ZeuKYbTC3AhD%2BU%2B%2BqrO8PaD0KniUHeVBZLe4dCoFN2dVRrXm2xyEYSH72koV07dutFXvrp8mLc%2Fl5ZyDcndcZaUN4GBnysvtcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20839ffdfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
276 B 409ms
388ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QglsvRDjfBq4xfEfnZqw4YYAS0KggvUjQ%2F0%2BDMud1whH8lDBoCODCQJRulsTkJGmMXddU1EdVKFivU8oFq%2FaoGUaAGevEP9M9%2F5QdPVvimZr%2Bdk33XZoHRq7jpGfNYfd%2Ba4sF9LmKxigv33rmk3cOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2083a00dfbf-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
277 B 437ms
416ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DizQprJRAnFzOJ7llHv2lCmAnqhWw70YXU8Bl5TxWue6BVLS%2Fdb0hGk%2FC%2BXn8lRGTujpV4CbW819%2BUrPsQ81pWrcR3lK4f%2FMInBfg84t24Q95GT9d5dpGLkiiDwK8dYCslsNZS%2BwhUI0PUu%2BFAjA3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2083a0cdfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
270 B 423ms
403ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar6Urbn7t9ZSlLs2brNQKnDRf2wxFf5OOSzvSTXO9CkoQ%2Frw%2FGAqujJfG02K0r3pmpODIXyrSJBr3h%2F218Ecrbla6uVM7GLStooWO5EKExuji1CLqwoYkHY8pEYsZlThLgbABxLwglsF2DuTQe53uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2083a10dfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
272 B 426ms
411ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2FA3GA02YsSdQJTOJad%2FxQCfotKYd6rcj5ajAAGY3sZX5Hsyxy6ZyVy9qzoVjSY94GnRlbWIC2AqG5Nc%2F5Tn4ZpHTbhEuWg0ug3O8p6U0jGUtdhF%2B97Ybj4Lc2x42nfXGqyDnI7n%2FgbrNJFQnSlZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2084a1ddfbf-FRA

POST
H2 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
271 B 450ms
435ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTnC3ZiqsVpKBcd03fXVFtbjARx%2BB17fKbJPSbTU2GdIvABT872hlxhUstKsfy9%2FcPndwH0BhEAFIhucvvCUk0qcoBO2H%2BgHHUYpQsccWTdIgVuKkPIosdPJt8tWjtWjp%2BmH1pDmWkTpDgvSJ4K8dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2084a20dfbf-FRA

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 search-ico-black.png
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/ 508 B
656 B 21ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/search-ico-black.png

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

993b54391ed7524e6f321326d0f7bd2ed8f92bcf4e08bb1efc988ca16546807c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:22:43 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/images/search-ico-black.png>; rel="canonical"
content-length: 508
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 star.png
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/ 899 B
1 KB 22ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/star.png

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9bea4073ca8eb9ea977081e0eaa614b3be5d03b818469694825e7849bbe1cc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Thu, 25 Feb 2021 11:18:03 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/images/star.png>; rel="canonical"
content-length: 899
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 42ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 06:37:09 GMT
x-content-type-options: nosniff
age: 472889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 06:37:09 GMT

GET
H2 200 fontawesome-webfont.woff2
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/ 75 KB
76 KB 28ms
7ms Font
application/font-woff2 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/font-awesome.min.css?ver=0aeebf0e297002559f8cf4ab5cad896d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/css/font-awesome.min.css?ver=0aeebf0e297002559f8cf4ab5cad896d
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:21:24 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.woff2>; rel="canonical"
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 museo-500-webfont.woff
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/ 55 KB
55 KB 28ms
7ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-500-webfont.woff

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6c82452d4595c717df8f740c6f9ff4e6ae5bc1bb9f716584b27f457f18a1d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:21:23 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/fonts/museo-500-webfont.woff>; rel="canonical"
content-length: 56060
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 museo-700-webfont.woff
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/ 52 KB
52 KB 7ms
7ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-700-webfont.woff

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6bebe6bf7abf43624ab1ed62cabc6a1e1d9d5f1cea38042e516439b5391c1621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:21:20 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/fonts/museo-700-webfont.woff>; rel="canonical"
content-length: 53376
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 museo-300-webfont.woff
149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/ 54 KB
54 KB 8ms
7ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-300-webfont.woff

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c38df4a2300e1acd22e8547908f1c0815e4232522aed59fd2d45942480b56f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/style.css?ver=1638986317
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 13 Dec 2020 07:21:22 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/themes/intezer-v2/fonts/museo-300-webfont.woff>; rel="canonical"
content-length: 55444
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
615 B 152ms
137ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sAdJshmql75rMo0pWxeNWM9lXc2d4dyci6Gh%2F6YElz7W3tz%2FGFleeH2SKBLWTrmFnG907c26pERMWlSiN3GJ16sqbI3s1fbwKsQcf1ROMsSX8oG8ukDHjgaCo7g2YVygGT4Y5NHnT2CZwh74EG9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e208fb7e4a8c-FRA

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
665 B 149ms
135ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6igLXYz4xqWL3plLcVAXU9OM4u%2BGWMG50ciHn8ctmQYhW4JJq%2FmJf1FAwA1KIt%2FeoVvNU2Px1lTUoY%2FFSFI4%2BrbNvEW8J8Q%2Ff0XBCRNqbGKckdoh4qC%2Fh4HZEAyRfwD763%2BIOKL3sdQE%2BYIGZfyhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e208fb7a4a8c-FRA

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
622 B 131ms
131ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOLBVqVUQaaCNGPmCy%2FM7y1%2B9ZQYujRtrqdPM5CVVSY4i%2B7UHX7d9iFRi3shRXG%2B5WrvYiL1P3J8iZkfoaG5wjBXDf9KPgiQUffeoFcktYHrht9gbddmWGQGmR0Nmc0yIsSES7PnsSgl3s9bLGJ%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2093c0c4a8c-FRA

GET
H3 200 128260767783916 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 178ms
168ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/128260767783916?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fed6b941179411f03c10b811a833ed2acb5ca2a9d019cfab84fad586448bd74c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: IlnWux2M5FIG35i0wOu8nXyPJSQqrNYH6xGx4yX/AMiV3+ExnNi4yZU1ErgEc9EGno0vO+RxTqHWyYGeKj917w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Dec 2021 17:58:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 588ms
110ms Script
application/javascript 54.91.60.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.60.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-60-31.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 17:58:38 GMT
Last-Modified: Sat, 23 Oct 2021 02:33:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6173747c-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842858921/ 2 KB
2 KB 113ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842858921/?random=1638986317892&cv=9&fst=1638986317892&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

595d21dba2b6fb46b8560f9c5b6472a43fa6977f34a69073c23f5431218a9846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 7ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5-a.1&blog=186808338&post=21121&tz=0&srv=www.intezer.com&host=www.intezer.com&ref=&fcp=0&rand=0.13073543981503666
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Dec 2021 17:58:38 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC95766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3451
date: Wed, 08 Dec 2021 17:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Dec 2021 19:01:07 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 74ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC95766

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 67ms
14ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC95766
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100065-IAD, cache-hhn11520-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 61ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC95766
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 17:58:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28551
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 hotjar-2053093.js Show response
static.hotjar.com/c/ 4 KB
2 KB 88ms
39ms Script
application/javascript 13.32.22.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2053093.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC95766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-91.fra56.r.cloudfront.net

Software

Resource Hash

39eb075e17b2547d61e49f5a2c40154b70d9e089a38e0bf529bc5ce71da55c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C2
etag: W/8180e4502d8647f59a101d8d6c6056d6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DQxNBxsisflN96Zj_WVif7zPZFjDpO3NZArHL0gNrh1Ym7uamZVwXA==
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET 5450.js
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 87ms
40ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2456470
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6ba7e20b0fb56919-FRA
cf-bgj: minify

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
624 B 147ms
147ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfUxkLOdPmOYKoUvvlHK2BCXwmgocOpaeazWHm4fXHX8oLPXBWxELWM3OibQMCUtDb6j%2BncZR%2FFHC%2BksBI0IsmbMyrVmVR0nRcWGPwU9Yo%2BEjin2Z0QuvBwlYViaKT9J8dKnLvQhRx%2FIy5BHaKoz9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20ad8074a8c-FRA

GET
H2 200 linux-pop.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 3 KB
3 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/linux-pop.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

969f9c1b72eaa268385c8f1ddf02b07ef971d0e2d4d83921014531a4b9a75969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:49 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/linux-pop.png>; rel="canonical"
content-length: 3146
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
621 B 147ms
147ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ffc7dVnUaFTyPPr7jfh%2F5ggbA23%2F3jre39Fg2kY%2B%2FaXDpUDvpXFIgEVsCaMB5iIMkgnaEnzLicyjrzd%2F4lUSn86xunftaVmXze0itbDb6dfGrFMa44D73pGuS48RdyqLIsWhBrF7RPxXBHUaUUl9hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20ad80e4a8c-FRA

GET
H2 200 kubernetes-pop.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 5 KB
5 KB 8ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/kubernetes-pop.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ef7d760ee20a28f1e59bdd228bb10705687f5397d3c98d108a7f8c1247b9ad18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:48 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/kubernetes-pop.png>; rel="canonical"
content-length: 4895
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
619 B 147ms
147ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxcKpFv1BnD6W4tJktHJsdUH2gguqmO%2Bho6Tb9wfSes6kOTLny2u61lPZFVcdkYqGVOhnwqanNxrpvpez9V42%2FHgjMaOGIGaIyxsUJSY%2FHov8K370crBbpyWOqPClxM076TwM9rWJ6X4H9poBG4FgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20ad8104a8c-FRA

GET
H2 200 containers-pop.jpg
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 3 KB
3 KB 8ms
8ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/containers-pop.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3167a1a4cda80b0f7258edfddb30c6030036358d9b424a71ba473eaa54685f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:46 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/containers-pop.jpg>; rel="canonical"
content-length: 2659
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 aws-pop.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 3 KB
3 KB 8ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/aws-pop.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9026b5846e1d90ce06c0fc69530a30275a1e4e0161e8a72dac9bc2f647d9d1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:41 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/aws-pop.png>; rel="canonical"
content-length: 2986
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 google-pop.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 3 KB
3 KB 8ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/google-pop.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

65ab45f57a63994e78a6cc0186a9b3a42132e97dfe8b1d29d67b0bec86948a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/google-pop.png>; rel="canonical"
content-length: 2714
expires: Wed, 15 Dec 2021 17:58:38 GMT

POST 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
0

GET
H2 200 azure-pop.png
149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/ 2 KB
2 KB 8ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/azure-pop.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

504d394f183d7c0a768d4604a848894965810382dc6d61f6dded6f09c524ab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 08 Dec 2021 17:58:38 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Sun, 28 Feb 2021 09:49:44 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://www.intezer.com/wp-content/uploads/2021/02/azure-pop.png>; rel="canonical"
content-length: 2361
expires: Wed, 15 Dec 2021 17:58:38 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 279ms
52ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5492986.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 133
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9460/bundles/project.js&cfRay=6ba7dec8a8b97021-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 06 Dec 2021 10:01:49 UTC
server: cloudflare
etag: W/"b3a6c7ed04580e98000c3a5a624db248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _jOiiD.XOuBgizKr1hEb1wt0v8fSgzSl
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6ba7e20cb9d542ee-FRA
x-amz-cf-id: JrmAQ7aDPudIb8-LHjBg_B98MtnMt0w9otNr7mrBohu5uAG3Qm9Fiw==
x-hs-target-asset: conversations-embed/static-1.9460/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 68ms
35ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5492986.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693f66db1753b1be8cb51f2ec0a01b9a95d87ffe568c2301dea6b7df31c948a7

Request headers

Referer: https://www.intezer.com/
Origin: https://www.intezer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
via: 1.1 470d4277236d0557f3e42c6bfe9dac79.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 22492
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1065/bundle/main/lead-flows-release.js&cfRay=6ba5bceb6ed42c0d-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6ba7e20b7bbc2bad-FRA
last-modified: Tue, 07 Dec 2021 11:25:46 UTC
server: cloudflare
etag: W/"4864e0ef979b2b144e94733a4f63097e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: aanIBLl6ELIlPO3fs246JgMWvaIHOp8y
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yPvzl2BU-IXp46QwfgW3Z5XV0eM_SlS36UQA0G6fsdBbZ9mF8OFTcA==
x-hs-target-asset: lead-flows-js/static-1.1065/bundle/main/lead-flows-release.js

GET
H2 200 5492986.js Show response
js.hs-banner.com/ 62 KB
16 KB 53ms
22ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5492986.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5492986.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ecda488604a2adc238627df58852418598d38a958ee17721372fa9ad322317

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 150
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 3KM8ECEZAB3AW0MP
x-amz-id-2: u9sgHcHowGG+qUJZ8MsZ4Bao+rpItF0IP/5dNO1v17Ua2zGWoof7YUuHvZF282UIiOOhPJubvcc=
timing-allow-origin: *
last-modified: Wed, 20 Oct 2021 12:51:54 GMT
server: cloudflare
etag: W/"204745fd2b5e148f1d4a50b188dc59da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: UrZdsx_YVdCVB8Y6yd.TkiANyCDEokdE
access-control-allow-origin: https://www.intezer.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ba7e20b7df15c1a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 08 Dec 2021 18:01:08 GMT

GET
H2 200 5492986.js Show response
js.hs-analytics.net/analytics/1638986100000/ 62 KB
20 KB 197ms
164ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1638986100000/5492986.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5492986.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5145875b215db7c9340d01553694e8877f1d105ad8202b1f5ec1ddf214a6ef8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YFMDZDM7PFQ0N0R4
x-amz-server-side-encryption: AES256
cf-ray: 6ba7e20b7c654a7f-FRA
x-amz-id-2: osGY8fkRr0PeSyoMxTAXBU3xMR8VdWCbyhryt1VfVmIoGUL0FpTb3SyG4LKkVlQyVWpAkqzCOz8=
last-modified: Wed, 20 Oct 2021 12:51:57 GMT
server: cloudflare
etag: W/"e7bbf4d0dfa610fb0f686bcdd1fa3156"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 08 Dec 2021 18:03:38 GMT

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 214ms
12ms Script
application/javascript 13.32.22.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2053093.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-63.fra56.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8552
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _FICtIqOpoVBWBAUh52vtJX-KpZ7f392UYs7r_wUC0ZK98p6LXjBHA==

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
623 B 164ms
163ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2053093.js?sv=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJud4YiaxQ%2FuIrvoU4teAQf3wwG8vHnH%2BkVsi%2FiTG4RbLV9tQlqFQb5NtW9%2F4ef1%2FlnmZ9blh6P8TZhNhUnvNQJhfkE34%2BBuYuuMXexbPuVMHKXiDbFVjMFzn6KVWqU2u69OsdnqMwJAHm0piaBlDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20b79434a8c-FRA

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
620 B 440ms
439ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzR3nOoyGfdb5bvSMLYbW7AyQm3W%2FuIFW1sH21UtA%2FAo3uw31plgfjaBTlnb%2FJcfrr6nNvJt8FQrotIckfjgDR0KkHflQFPrrfTNvYVqrQnyIGKWtOxfXYMT9C%2F8NAE2vAr8xeF7VRySiPKy6hGZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20b79464a8c-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/842858921/ 42 B
64 B 232ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842858921/?random=1638986317892&cv=9&fst=1638982800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&fmt=3&is_vtc=1&random=2227363072&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
623 B 130ms
130ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rct%2Be9NDhiG3KbBCDwu5qRSgY84g8RcpDkxyVlDg5tep%2FFCKMQdnWtb7gavLebkMX9%2FAAitRHlT1mMeLinxYEPaSX%2F8sfWBkqVFeIHhVGGnpE4QiGYX4SvbwhvVjI0%2BI2jgtbmb4%2FJ4FXArqrLyRBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20b794b4a8c-FRA

GET
H2 200 /
www.google.de/pagead/1p-user-list/842858921/ 42 B
108 B 218ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842858921/?random=1638986317892&cv=9&fst=1638982800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&fmt=3&is_vtc=1&random=2227363072&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
618 B 137ms
137ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlTY0Y6XsEcfKYQftjnXEeJKmU2Lm2ZjMM4Chbcv1d9jTgouVBguhu2KoHE0kDbhWdVZzbvnN9p9xZ7Pg1iVEdyzznj36aHofkWe3tPo%2BCA%2FYxgOSPErrrW1%2BLRgu79m6bLk8sQzYQuJ5P762DClng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20b89604a8c-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1327356%26time%3D1638986318071%26url%3Dhttps%253A%252F%252Fwww.intezer.com%252Fbl...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=tru...

0
156 B

306ms
112ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true&e_ipv6=AQKEQvrwotKjHAAAAX2bMoX1snK3D9FlXXRwDPhhmgGXaO1WPs9AiVgktgKI2XJLqcVw1OzNzg
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: A4CxwV/ZvhZAyyrglisAAA==

Redirect headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 84519A5C5D50451E8D83FF7A0DAA4AA5 Ref B: VIEEDGE3006 Ref C: 2021-12-08T17:58:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true&e_ipv6=AQKEQvrwotKjHAAAAX2bMoX1snK3D9FlXXRwDPhhmgGXaO1WPs9AiVgktgKI2XJLqcVw1OzNzg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXSpj1bDvU3Hm5FHmUzHA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725468766/ 2 KB
1 KB 82ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725468766/?random=1638986318074&cv=9&fst=1638986318074&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d5b4b3e2d52d51c363cb8e0cebfecbcf1293e0bf11e00c17028cba39bab4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 96 KB
37 KB 37ms
21ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-PMZPF7T&t=gtm4&cid=676202216.1638986318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80a679d6433ed147c4afc109f398daab03894131a4c21e71e35e4a9f86e2988c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37547
x-xss-protection: 0
expires: Wed, 08 Dec 2021 17:58:38 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
676 B 302ms
133ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzi1c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dfb108f4-0a2e-4a51-b477-e69eca117425&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Wed, 08 Dec 2021 17:58:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 15d76495628226632c2917f8fb0ad1a20857fe3f22446fbb7b75fdb3f3cce8c5
x-transaction: 025518fc63c9ffca
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
239 B 302ms
133ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzh93&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d2e3b7ff-3cae-417f-8292-8ea6746b354e&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Wed, 08 Dec 2021 17:58:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 15d76495628226632c2917f8fb0ad1a20857fe3f22446fbb7b75fdb3f3cce8c5
x-transaction: 27e4b7fadf0f60ee
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
622 B 128ms
128ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3uWo1RGcDU654whPRf0od%2FrGiYAa8iqzL4ghBsmNeIawosbiCbVvs5OOmlVp6iu436glZ73f3YrwUzpRhBUSK5%2FR0QKbzGlqz2l3u6PyZq%2FwCiTNjrTeMngIvQJ%2BEJdELvk1Ugmm1R%2B%2BB4ZqOWmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20ba9bd4a8c-FRA

GET
H2 200 adsct
t.co/i/ 43 B
470 B 290ms
122ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzi1c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dfb108f4-0a2e-4a51-b477-e69eca117425&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Wed, 08 Dec 2021 17:58:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bee87b66b6d68dc8962b2411820ea7c02df28496d9146729898626807b3e7ebd
x-transaction: 9ce5c3c9f2b92ede
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
620 B 125ms
125ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irgbvPXGN35Ui1Qa8F1bps9YDQZQMJdOiegKGl8%2FJ5EwhninGsjMEadGR08cy3NjtYt4r62vLOlgI%2ByJd1X33xiNWkb9QDeoYfcMQnOqke0xphWePQVWD9Kd%2FEVONAzX49tX7P3%2FwyYnkc9woMGWjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20ba9be4a8c-FRA

GET
H2 200 adsct
t.co/i/ 43 B
124 B 237ms
129ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzh93&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d2e3b7ff-3cae-417f-8292-8ea6746b354e&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Wed, 08 Dec 2021 17:58:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bee87b66b6d68dc8962b2411820ea7c02df28496d9146729898626807b3e7ebd
x-transaction: c47635c3e7a583f5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EF05 39 KB
20 KB 50ms
39ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&co=aHR0cHM6Ly93d3cuaW50ZXplci5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=il30ckwryvng

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5b118e1c218db7ad0e0026f4b98d5af367de1f3d5ac16e12d1dc8351be8ef6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5id+/5r+GZ74EWOSoM1hQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 Dec 2021 17:58:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-5id+/5r+GZ74EWOSoM1hQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20173
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame BDCF 2 KB
1 KB 29ms
8ms Document
text/html 143.204.209.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2053093.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-120.fra53.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2gEhFwZkX2uGDrTkk031oO0d1nPKkzAq7pi4klfZQb2U6mB8iyIylA==
age: 525932

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
626 B 128ms
128ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XOMFmvlRcWGshNyU83itduuZnJq2wLhr3P%2Fy89S41XbAfXpK%2FlHwCCxHR%2Bw%2B23BX%2Fy%2BvEBx8q3bHF81YfehSgm47QwIdmqVQ3pm5TdTBYFQQeEhgHjxaz0QYr%2BKpby1dzN9xg2TBxRi5sQmOEWKpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20c2adf4a8c-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/725468766/ 42 B
64 B 126ms
34ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725468766/?random=1638986318074&cv=9&fst=1638982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&async=1&fmt=3&is_vtc=1&random=2632901279&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
622 B 418ms
418ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHSqY2anqAafCkMojE%2BAaQ%2FtJxkS9Vy2VoqtKsg461zdoSQCcv67HtH2h%2FWZSgJZR9jfj0oBRcNboNa9WnQhklO3MxK5fBFzSOdXSUEsscVT1GqJw%2F0MQETBfbr9DLibOSo4F2x8Nw8NST%2Fu8T8WYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20c2ae14a8c-FRA

GET
H2 200 /
www.google.de/pagead/1p-user-list/725468766/ 42 B
548 B 47ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725468766/?random=1638986318074&cv=9&fst=1638982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&async=1&fmt=3&is_vtc=1&random=2632901279&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
625 B 146ms
145ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnrG%2BJe0yMPGKw%2BFsxrxwHUUNiI8jHlmizpUkMqdO2Vg0o0TdcYcT6JHyiB4mVxyJIbxs27UZJkW1XaZuf2LnChfRWXhrQtHnB%2B%2FJ9aUpfFlUwXMmUt3l%2B2kglIpd%2B6FnbBWIHYwzprPSd1OsnkwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20cdc744a8c-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1813315710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&ul=en-us&de=UTF-8&dt=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2008479733&gjid=262269706&cid=676202216.1638986318&tid=UA-97741055-1&_gid=2077288212.1638986318&_r=1&gtm=2wgc10KC95766&z=1505327769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intezer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
627 B 134ms
133ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVg9qa6NnQIrg5zqsT22g2H2pAs%2F5NkJM3HB9egTVaGjKXM9%2BG1HwmVJ8WQ73%2BDz%2FAzk8tlXI6C%2BmI%2Bk5BOS2g3vuqkqhsjqLQxYhbds%2FN2yW7bb7uM7vQZF1R7v8VRrsnaXo%2Bwmn%2Bb7ojkru8Xbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20cec864a8c-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 53ms
17ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&gjid=1930711636&_gid=2077288212.1638986318&_u=aGDAgEADQAAAAG~&z=960691983

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.intezer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
622 B 126ms
125ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uqzudDHRaiANSAge6mb9%2BsrivCJ0hVb8DMCQiDlgGieidFJP97BFxoEj%2FgSSGXETp%2B0ztjCnSA6SB2ogS2FMep%2FsqvZCBtCNE1ZMmMVqt%2BXaU%2F0E78fRF6S1XJj6LFosGHj2ynW73uJ4vTNNamNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20cec8c4a8c-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
9ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1813315710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&ul=en-us&de=UTF-8&dt=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAC~&jid=1306896231&gjid=1930711636&cid=676202216.1638986318&tid=UA-97741055-8&_gid=2077288212.1638986318&gtm=2wgc10KC95766&z=858119457

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 02:34:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55449
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
625 B 136ms
135ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fghE6llXyyHhvXBWpE4w50eKuCe41GM3VExXAFERFSIeCEDVVy0aqCFXJSogESDJr%2FPd9MyDusRUy81i3NN9x%2BKiSMrG%2FbR%2FTYBFCUyeWcSb%2FGcZpk7DAqnsPmSZB7FGgdOEX7Dte%2FGmHnvK7sxgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d2d124a8c-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&gjid=262269706&_gid=2077288212.1638986318&_u=aGDAAEACQAAAAC~&z=1779116835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Dec 2021 17:58:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.intezer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
619 B 137ms
137ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy3t%2BUS7TExCwGboMTZo8wg1ThYUVg7X%2B8mEOcFE%2FgqG7G4UTrqMvGr3ELeAszg0DJBypIabAcm99cy7Hw8oMVRrAJlCrh4nW0ZhSIMssHtWt3cCYUCkabnbx6j7o6DSumJqfyTY8vDol5PkBRHQYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d5d7f4a8c-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 1739ms
1739ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&_u=aGDAgEADQAAAAG~&z=1133836563

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
618 B 413ms
413ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzI9qL0TGlshWvP54Ht9bkdXsQLcqS0bAWNH%2B8yv4gug7r6ff%2BoK8o5l5wKkHIOwp2fRFIBLFvPedNliJrOjMy54Za7sVPkhY2Aona%2BlOTStwU9hOVbp0BdzdfQMymp9Gsktct4IyIWnOg4HjnjRMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d5d804a8c-FRA

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 326ms
308ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&_u=aGDAgEADQAAAAG~&z=1133836563

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
621 B 127ms
126ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FReYlSs3LoXvBYTukrgwd6X6Iw%2BN2L9lpDa95u0gaTwyneEazfkmdI8H3uCm%2FBNG4VwhfLgQRkJcJ25xvi%2Bub0rn9VDRnhCcpYwY%2FUvWsl5sccZgqI8rzf7fpRnefxg2ts4frFTa8xoN%2FhFs8Pb8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d5d824a8c-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 603ms
603ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&_u=aGDAAEACQAAAAC~&z=339844580

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
619 B 451ms
451ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84LS80tM2zkGHASoJbhBxfPLtE8%2FHr08AfLl80NDlB60ktajhaL3v1zKJCFiLoMs7Ejvz4f2kt24V6EOgWOcbVrsm1siPir9t%2FEHFADe8QRKxXGJCkrXIs7JgFRA4rdCYW0Xc%2FMTOBqeol0%2FLkbXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d5d834a8c-FRA

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 330ms
314ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&_u=aGDAAEACQAAAAC~&z=339844580

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EF05 51 KB
24 KB 27ms
10ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&co=aHR0cHM6Ly93d3cuaW50ZXplci5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=il30ckwryvng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EF05 347 KB
135 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
623 B 432ms
432ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54A1UWBODDNk61np0xqxy67sln%2BC47khaM0HgfTcs1NwSFifV%2BZuxSJ%2B41znhh6Lzx20ziKLb%2FhwpXPY0oGgUFo9lSTz%2B91FbCp8yp4n8CtfsOvBzjBKXEqcS7W2GIYxVAizCBYf6TXJcafigES%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d8ddb4a8c-FRA

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
620 B 147ms
147ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZOIXgwteRMZK7PdJDqmR2x0TKJdBfFb1uc5v0EddfaoLc%2FFGdKBhi%2Bbw69oKduuU0E5%2Bz4pKLhTMxwL7s1UsjTAm%2FsFlMcYyeHcM90FIehGth3jNYwfX9hMtN1Mxf8fDec8EP8S5jA%2F38JJE2odHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20d9dfd4a8c-FRA

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 323 B
1 KB 280ms
190ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5492986&conversations-embed=static-1.9460&mobile=false&messagesUtk=ea2cb6450ffe4f62ad9d6f900bff088d&traceId=ea2cb6450ffe4f62ad9d6f900bff088d

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1e91bc171ff3528739e682ca155a38062f852756cc79977d00d335bef7d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9935d564-5217-4b38-83e1-6786073cf702
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 250
server: cloudflare
x-trace: 2B58BBE110B45F964DA3587E7B79F5B61BAEC011DA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKYL7MLpjM3IkcFNro%2BhaLE1ZOAYlJokwTfFIub89lRLXgVO6VcYCMEn0JSmxZOdWtk9qCjJo3W9uWB18jI0lKAOQ8FYvemOd11smBz4ozFC%2FWjQ0O0LGC7g%2FLS534y0nNhIZK2d7iHp5e7%2Fpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.intezer.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6ba7e20f4d7edff7-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 180ms
147ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.intezer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6ba7e20dc9294ac2-FRA
access-control-allow-origin: https://www.intezer.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: d3ffb080-422e-4ee1-b52c-39f0a0746f8b
x-trace: 2B81837A901A41C6DDE175CE74A72C51BF1BB87497000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeEB9tU%2FgNanBiNEILDjj5GvZudq949bolSlyH2V3VR82duCPBHdQG1bkwW9ZiMx4zBNL8SXPCUrHeedp1k%2FrenWqavBFBZ4yiFOBHevlCYhZU3C9sLog%2ByVeKeD7t7WHA6oCi9nYjnhD0KTpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
618 B 120ms
120ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI30ZKZBgGFrovKlk%2BEo8Q7oPiQxV3Nvh7q9IdOGJbkyW0dpvCrIYOBiQ0XaIPgBi6dvLx9O6i1pYp5IRl4AlfATnnt%2Bzf8at27xs6fQjA6yw1KO8WY5KVn9gMfom%2FirJNpoEb5B0s0ttdB4WkTZHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20dce964a8c-FRA

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2053093/ 146 B
323 B 270ms
37ms XHR
application/json 54.76.144.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2053093/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.144.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EF05 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 471320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 10 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF05 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 110434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF05 15 KB
15 KB 25ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 06:37:08 GMT
x-content-type-options: nosniff
age: 472891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 06:37:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EF05 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&co=aHR0cHM6Ly93d3cuaW50ZXplci5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=il30ckwryvng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 08 Dec 2021 17:58:39 GMT

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
622 B 131ms
130ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvehXl9LyxFrALv8TQJiMIBt73lz3b2rnTBqL2ZtEatzYOTq5%2FN8uBTVmNvV4Ta2ssZX5Dr144O4Z06dmAWZWdgYgf%2BmAZMbjK942uUT%2B0K%2BEEGQGe4aJZW8QLqNIog7VFwxbnYLTuw70PZraw%2FWaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20fdb2b4a8c-FRA

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
625 B 129ms
128ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eumHlsR7mXH%2BVmniWoL1Et%2FjbU6H8MK%2FDv26ln2s1ndIhb3dEtBLyIbPtUi1%2BE4JPwi0Zx%2FimrqaUITLGV1t%2B8XfYHaj3sQDxG8Lc1%2F1nD%2B2wteqg0WgPr5c0DllIg7Mj0RO80jCfURBLWeB9%2FHsAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e20fdb414a8c-FRA

POST
H/1.1 200
OK content Show response
ws16.hotjar.com/api/v2/sites/2053093/recordings/ 66 B
394 B 285ms
105ms XHR
application/json 52.215.195.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws16.hotjar.com/api/v2/sites/2053093/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.195.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-195-159.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 47bf1b370335e9a8260fb598e980fcaad03acd4f50e4c407672cf305d512158d

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Wed, 08 Dec 2021 17:58:39 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
624 B 117ms
116ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wxQDQ3%2F33DX0ELmjcn%2FzTygID6uY%2F2wfhg2XGw%2BIVgfCMn7KCQbuC87wq146KOggvTjRFqgrn%2FeP0GnQyjpQlegEHbAfziN4WIKdnLpXjjHBqk68XPeCvBcHRE4Gp48fT7bvREM43J%2Blr4Qy1lwgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e2103c2e4a8c-FRA

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 144ms
144ms Image
image/gif 54.91.60.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5fd5ade352684d3c97554910&h[resource]=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&h[referrer]=&h[title]=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1638986318826

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.60.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-60-31.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 17:58:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Dec 2021 17:58:39 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame EF05 29 KB
16 KB 50ms
49ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97b6a9b3c49911bef82e3f04e51c64b5d796965f830b0e5d5c68402475dc4a90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewXc8UAAAAADEYz8dYpHTk55uH2MjKqbyc1sXD&co=aHR0cHM6Ly93d3cuaW50ZXplci5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=il30ckwryvng
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 08 Dec 2021 17:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16528
x-xss-protection: 1; mode=block
expires: Wed, 08 Dec 2021 17:58:39 GMT

GET
H2 200 refill Show response
www.intezer.com/wp-json/contact-form-7/v1/contact-forms/468/ 2 B
3 KB 442ms
442ms Fetch
application/json 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-json/contact-form-7/v1/contact-forms/468/refill

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: .google.com .googleapis.com .intezer.com .youtube.com googletagmanager.com .opendns.com .hsappstatic.net twitter.com .cloudflare.com .comeet.co .twitter.com .gaug.es .wp.com .hsleadflows.net .gstatic.com .usemessages.com .hs-banner.com .licdn.com .hs-analytics.net .ads-twitter.com .hs-scripts.com .googleadservices.com .hotjar.com .googletagmanager.com .doubleclick.net .addtoany.com .facebook.net .google-analytics.com .pressablecdn.com; object-src 'self'; frame-src 'self' .hsappstatic.net .usemessages.com .recaptcha.net .intezer.com .hubspot.com .pressablecdn.com .hotjar.com .googletagmanager.com .wp.com .google.com .twitter.com .comeet.com .comeet.co .doubleclick.net .youtube.com; child-src 'self' .intezer.com; base-uri 'self' .intezer.com; form-action 'self' https://.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nananana: Batcache-Set
strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' https://www.intezer.com/ http://www.intezer.com/; block-all-mixed-content; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://*.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://*.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/; style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://*.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://*.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/; object-src 'none'; frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://*.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://*.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/; child-src https://www.intezer.com/; img-src 'self'; font-src 'self'; connect-src 'self'; manifest-src 'self'; base-uri https://www.intezer.com/; form-action 'self' https://*.twitter.com/; media-src 'self'; prefetch-src 'self'; worker-src https://www.intezer.com/; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report
host-header: Pressable
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
last-modified: Wed, 08 Dec 2021 17:58:41 GMT
server: nginx
date: Wed, 08 Dec 2021 17:58:41 GMT
vary: Accept-Encoding, Cookie, Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=300, must-revalidate
content-security-policy: frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
x-ac: 2.hhn _atomic_ams
x-robots-tag: noindex
link: <https://www.intezer.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 refill Show response
www.intezer.com/wp-json/contact-form-7/v1/contact-forms/15120/ 2 B
3 KB 334ms
334ms Fetch
application/json 199.16.172.82
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-json/contact-form-7/v1/contact-forms/15120/refill

Requested by

Host: 149520725.v2.pressablecdn.com
URL: https://149520725.v2.pressablecdn.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.82 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: .google.com .googleapis.com .intezer.com .youtube.com googletagmanager.com .opendns.com .hsappstatic.net twitter.com .cloudflare.com .comeet.co .twitter.com .gaug.es .wp.com .hsleadflows.net .gstatic.com .usemessages.com .hs-banner.com .licdn.com .hs-analytics.net .ads-twitter.com .hs-scripts.com .googleadservices.com .hotjar.com .googletagmanager.com .doubleclick.net .addtoany.com .facebook.net .google-analytics.com .pressablecdn.com; object-src 'self'; frame-src 'self' .hsappstatic.net .usemessages.com .recaptcha.net .intezer.com .hubspot.com .pressablecdn.com .hotjar.com .googletagmanager.com .wp.com .google.com .twitter.com .comeet.com .comeet.co .doubleclick.net .youtube.com; child-src 'self' .intezer.com; base-uri 'self' .intezer.com; form-action 'self' https://.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nananana: Batcache-Set
strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' https://www.intezer.com/ http://www.intezer.com/; block-all-mixed-content; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://*.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://*.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/; style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://*.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://*.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/; object-src 'none'; frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://*.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://*.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/; child-src https://www.intezer.com/; img-src 'self'; font-src 'self'; connect-src 'self'; manifest-src 'self'; base-uri https://www.intezer.com/; form-action 'self' https://*.twitter.com/; media-src 'self'; prefetch-src 'self'; worker-src https://www.intezer.com/; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report
host-header: Pressable
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
last-modified: Wed, 08 Dec 2021 17:58:41 GMT
server: nginx
date: Wed, 08 Dec 2021 17:58:41 GMT
vary: Accept-Encoding, Cookie, Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=300, must-revalidate
content-security-policy: frame-ancestors 'self' *.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: *.google.com *.googleapis.com *.intezer.com *.youtube.com googletagmanager.com *.opendns.com *.hsappstatic.net twitter.com *.cloudflare.com *.comeet.co *.twitter.com *.gaug.es *.wp.com *.hsleadflows.net *.gstatic.com *.usemessages.com *.hs-banner.com *.licdn.com *.hs-analytics.net *.ads-twitter.com *.hs-scripts.com *.googleadservices.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.addtoany.com *.facebook.net *.google-analytics.com *.pressablecdn.com; object-src 'self'; frame-src 'self' *.hsappstatic.net *.usemessages.com *.recaptcha.net *.intezer.com *.hubspot.com *.pressablecdn.com *.hotjar.com *.googletagmanager.com *.wp.com *.google.com *.twitter.com *.comeet.com *.comeet.co *.doubleclick.net *.youtube.com; child-src 'self' *.intezer.com; base-uri 'self' *.intezer.com; form-action 'self' https://*.twitter.com/; worker-src 'self' *.intezer.com; report-uri https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce
x-ac: 2.hhn _atomic_ams
x-robots-tag: noindex
link: <https://www.intezer.com/wp-json/>; rel="https://api.w.org/"

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
625 B 126ms
126ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/5492986.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHBITxTle%2BKN%2B3gbuaQhg2viMKE%2BfqGodqhvfRwBYq809tAIxTXCF7lBJTuysOiGw9YHm6MMEQS0W246%2Bsw69%2FrkgSWwwqPRzZ14IjFBaWotJlASO5bqy%2F6Fvvi2cMAH93FR%2FbfXNhSFTY0jka1NyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e21868214a8c-FRA

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
618 B 160ms
160ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0r1rLTdQrKw2AcAQGKCvqeBTHz8Sv5STuMq725HBzaTMMIBpZblB8yUXhALaBkjDs%2BvbnBPVUwLO19XIV1%2Fd4DIEksMt888KgMMTSvYcotYJp86gf2hmLDv2GVxE1NyaFEu1iKyMeLeRqIS1lsBkiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e218887e4a8c-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1001 B 461ms
430ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=5492986&ct=blog-post&rcu=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&pu=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&t=Teaching+Capa+New+Tricks%3A+Analyzing+Capabilities+in+PE+and+ELF+Files&cts=1638986320146&vi=b73b9e29f54a38658c3d2c667a5fe521&nc=true&u=193884914.b73b9e29f54a38658c3d2c667a5fe521.1638986320141.1638986320141.1638986320141.1&b=193884914.1.1638986320141&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:41 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fdac9895-4c11-486a-a056-d128cb12726b
cf-ray: 6ba7e218a9b24a5b-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiKkq3TAOWtZs6weVDG1NrXnqAGd4hTO4GHzMNLsGCGmSQVNJ1hdrILRV3sw4%2FQFyAN5xFmGyq8zVkQ0LUffTVLu0jymbPNPwBFQ%2B0zGxiFIq7JHSHDQDYVShRdH2DMlaPnvHhku0fHGos%2Fc%2BTTP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 3
gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/ 0
629 B 124ms
124ms Other
application/javascript 2606:4700:3033::ac43:d23b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d23b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Dec 2021 17:58:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CWKmn0%2BGJJcXmlrWhZOx2Jh0wCkxPbAP5tmHB%2FgepzlVBqUZhIm0utK8mL8f48KpskkNIOmrY7Mdhh7WyzdRDS%2BLXvPy7z3h%2Bd%2BOdehp%2BtmrmP%2FlO%2Fgx%2FsbgYV1iz1wyl6h%2B63DwzWKq4krJZHwtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://www.intezer.com
vary: Origin
cf-ray: 6ba7e218c8fe4a8c-FRA

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
845 B 186ms
176ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5492986&utk=b73b9e29f54a38658c3d2c667a5fe521&__hstc=193884914.b73b9e29f54a38658c3d2c667a5fe521.1638986320141.1638986320141.1638986320141.1&__hssc=193884914.1.1638986320141&currentUrl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5846855225c8dc7a717196192b00e2f97038cebe00b787f8b49819e03db5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intezer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6279a0bc-b07e-4ad6-9052-532ec5bc9589
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UtXxDdqyq%2B1RIh7s4m8uO13O3N3OvPONYnjj%2F%2Bfws37xMrZXDOI%2FhqrSIK0X%2FFTviswVmPW16joaD2BxvLU55B%2BasTlcgP8kAWI2rpxASFX4r%2F3hRGqxcE%2Ff%2Fs5ufLY9hhHn4Sih16h9Rv%2FG1TV"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.intezer.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6ba7e218da314ac2-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce

Domain: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5450.js?p=https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/&e=

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=enforce

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Domain: gate.rapidsec.net
URL: https://gate.rapidsec.net/g/r/csp/5cd5f496-b9ef-4d2c-8055-977171c1fd61/0/23/3?sct=db605a4e-74e2-43e0-8aac-ec72eefcbad3&dpos=report

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:35:38	Name: _GRECAPTCHA Value: 09ABBMTcMzdyWkwIg0ynf2-FnNvGUYsvzUG7qa6lbNzuew7Oe5Wftd_YjPjjNgingjc_tZvwZ07XvJBFUGHnHTVhE
.intezer.com/	1970-01-20 01:26:02	Name: _gcl_au Value: 1.1.1935408730.1638986318
.intezer.com/	1970-01-20 16:47:38	Name: _ga Value: GA1.2.676202216.1638986318
.intezer.com/	1970-01-19 23:17:52	Name: _gid Value: GA1.2.2077288212.1638986318
.doubleclick.net/	1970-01-20 08:38:02	Name: IDE Value: AHWqTUlX06QS-flBkxvzsdwFbAF4YULSwoKU2YPRKOsOMLhIuStCBvPkHyW0gaii
.intezer.com/	1970-01-19 23:16:26	Name: _gat_UA-97741055-1 Value: 1
.intezer.com/	1970-01-19 23:16:26	Name: _dc_gtm_UA-97741055-8 Value: 1
.twitter.com/	1970-01-20 16:47:38	Name: personalization_id Value: "v1_Qb/0MNwF2Kf5PH7Oac+TQQ=="
.linkedin.com/	1970-01-19 23:59:38	Name: UserMatchHistory Value: AQJbPpzepf6iZQAAAX2bMoQ-JMHBLZuJ-RPFXSxl36og9S6qCiKby5LUzmqDiuZB9uiUCeibqjVLRg
.linkedin.com/	1970-01-19 23:59:38	Name: AnalyticsSyncHistory Value: AQK-6s6A0vr8wQAAAX2bMoQ_9o1401MR4eQzFlOpqFBPd_0XwshhTf6JXIITJakFt0o0JLmEBL0Yj4dxUkF36Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:48:20	Name: bcookie Value: "v=2&078495d3-ced6-4b9c-83e3-f39067c96fda"
.linkedin.com/	1970-01-19 23:17:52	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2166:u=1:x=1:i=1638986318:t=1639072718:v=2:sig=AQE3Rvi0-IMmo7ICCb8QpCjTCbQpoJhW"
.intezer.com/	1970-01-20 08:02:02	Name: _hjSessionUser_2053093 Value: eyJpZCI6IjU1NmRjYThiLWJkMDMtNTFiMy1hOTA1LWE2NTc3YTlkYjg1NiIsImNyZWF0ZWQiOjE2Mzg5ODYzMTgzNzksImV4aXN0aW5nIjpmYWxzZX0=
.intezer.com/	1970-01-19 23:16:28	Name: _hjFirstSeen Value: 1
.intezer.com/	1970-01-19 23:16:28	Name: _hjSession_2053093 Value: eyJpZCI6IjRmOTljZGE4LTBjMTMtNGFjMC04Nzg4LTYxN2U5Nzg4NDc0NCIsImNyZWF0ZWQiOjE2Mzg5ODYzMTg0MzZ9
www.intezer.com/	1970-01-19 23:16:26	Name: _hjIncludedInPageviewSample Value: 1
.intezer.com/	1970-01-19 23:16:28	Name: _hjAbsoluteSessionInProgress Value: 0
www.intezer.com/	1970-01-19 23:16:26	Name: _hjIncludedInSessionSample Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:48:20	Name: bscookie Value: "v=1&202112081758398a4da87c-8b8f-438d-8603-0388e3800933AQEi7Dk6NTT_yjsAja_-K2DrMu7ZTLxn"
.linkedin.com/	1970-01-20 16:45:19	Name: li_gc Value: MTswOzE2Mzg5ODYzMTk7MjswMjF80+upRoY+yc4z4eXrpY54qg8F8lK6/VGRe6YIEIR3QQ==
www.intezer.com/	1970-01-19 23:16:29	Name: _gauges_unique_hour Value: 1
www.intezer.com/	1970-01-19 23:17:52	Name: _gauges_unique_day Value: 1
www.intezer.com/	1970-01-20 00:01:04	Name: _gauges_unique_month Value: 1
www.intezer.com/	1970-01-20 08:02:02	Name: _gauges_unique_year Value: 1
www.intezer.com/	1970-01-20 08:02:02	Name: _gauges_unique Value: 1
.intezer.com/	1970-01-20 08:38:02	Name: __hstc Value: 193884914.b73b9e29f54a38658c3d2c667a5fe521.1638986320141.1638986320141.1638986320141.1
.intezer.com/	1970-01-20 08:38:02	Name: hubspotutk Value: b73b9e29f54a38658c3d2c667a5fe521
.intezer.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.intezer.com/	1970-01-19 23:16:28	Name: __hssc Value: 193884914.1.1638986320141
.hubspot.com/	1970-01-19 23:16:28	Name: __cf_bm Value: 3PDc_A7ZUflkr2mem36Bqy0T40bc8Wvx5jIRfssq7h4-1638986321-0-AV0q2tqfGjmEaIIGDyPAj7B4fiHav113FB/P0qgw8ko1IqL9c5VTUll6e1lCjrfGWwVw6rfqsAMIOJ0sDF4K44w=

277 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 4) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 21) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/favicon.png' because it violates the following Content Security Policy directive: "img-src 'self'".
other	warning	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 22) Message: <link rel=preload> must have a valid `as` value
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 67) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 82) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 179) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 183) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 194) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 297) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/cropped-intezer-blue-1-32x32.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 298) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/cropped-intezer-blue-1-192x192.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 299) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/cropped-intezer-blue-1-180x180.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 322) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/search-ico.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 332) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/05/intezer-logo-n.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 357) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/search-ico.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 387) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/logo-analize-logo-trans-ozsmvqchu4xq3efimwjdhr1x8rgjihbqxejnle9j9u.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 561) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/elementor/thumbs/protect-logo-ozsn131er69i7gnmdptw6wff0r2scfkpzwa6z4btua.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 761) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.woff2?v=4.7.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.woff?v=4.7.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.ttf?v=4.7.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-300-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-300-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-500-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-500-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-700-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/fonts/museo-700-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3...OnYercZg2YVmLN/d/gczfEimrE/fs/bOuq29Zmn8tloORaXgZgGa78yO9/cnXm2BpaGvq25Dv9S4E9+5SIc9PqupJKhYFSSl47+Qcr1mYNAAAAeNptw0cKwkAAAMDZJA8Q7OUJvkLsPfZ6zFVERPy8qHh2YER+3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5XBAw8CBK/m5iQQVauVbXLnOrMZv2oLdKFa8Pjuru2hJzGabmOSLzNMzvutpB3N42mNgZGBg4GKQYzBhYMxJLMlj4GBgAYow/P/PAJJhLM6sSoWKfWCAAwDAjgbRAAB42mNgYGBkAIIbCZo5IPrmUn0hGA0AO8EFTQAA' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/plugins/ajax-search-lite/css/fonts/icons2.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/search-ico-black.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/star.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 821) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 860) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/12/headshot-scaled-e1607466945157-60x60.jpg' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 860) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/09/BlogImage1024x475-1-1270x475.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 863) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 910) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 915) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/08/BlogImage1024x475-2-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 927) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 939) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/11/mwrpic-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 995) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1009) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1009) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1009) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1016) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1016) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1016) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1029) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1029) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1029) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1042) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1042) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1042) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1047) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1057) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1057) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1057) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1070) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1070) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1070) Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1075) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1089) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2020/12/headshot-scaled-e1607466945157-60x60.jpg' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1094) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/08/BlogImage1024x475-2-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1106) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1118) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/11/mwrpic-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1196) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/images/intezer-logo-b.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://static.addtoany.com/menu/page.js Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://static.addtoany.com/menu/page.js Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/(Line 1284) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.13.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.13.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.13.0' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEz8dL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEz4dL_nz.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc3CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc2CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc1CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc0CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xFIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xEIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xLIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc3CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc-CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc2CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc5CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc1CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc0CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic3CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic2CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic5CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc3CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc-CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc2CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc5CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc1CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc0CsTKlA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu72xKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7mxKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4WxKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7WxKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 3) Message: [Report Only] Refused to load the font 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2' because it violates the following Content Security Policy directive: "font-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 2) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/08/BlogImage1024x475-2-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 2) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 2) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/GoReport_Twitter_1024x475_v3-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=0aeebf0e297002559f8cf4ab5cad896d(Line 2) Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/11/mwrpic-253x139.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://149520725.v2.pressablecdn.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.5.1(Line 1) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5-a.1&blog=186808338&post=21121&tz=0&srv=www.intezer.com&host=www.intezer.com&ref=&fcp=0&rand=0.13073543981503666' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	Message: [Report Only] Refused to load the script 'https://tracking.g2crowd.com/attribution_tracking/conversions/5450.js?p=https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/&e=' because it violates the following Content Security Policy directive: "script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://translate.google.com/ https://translate.googleapis.com/ https://www.intezer.com/ http://www.youtube.com/ https://www.youtube.com/ https://googletagmanager.com/ https://.opendns.com/ https://static.hsappstatic.net/ https://twitter.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://ajax.googleapis.com/ https://www.comeet.co/ https://platform.twitter.com/ https://secure.gaug.es/ https://.wp.com/ https://www.google.com/ https://js.hsleadflows.net/ https://www.gstatic.com/ https://js.usemessages.com/ https://js.hs-banner.com/ https://snap.licdn.com/ https://js.hs-analytics.net/ https://static.ads-twitter.com/ https://js.hs-scripts.com/ https://www.googleadservices.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://analytics.twitter.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://static.addtoany.com/ https://connect.facebook.net/ https://www.google-analytics.com/ https://*.pressablecdn.com/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://tracking.g2crowd.com/attribution_tracking/conversions/5450.js?p=https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/&e=' because it violates the following Content Security Policy directive: "script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' data: .google.com .googleapis.com .intezer.com .youtube.com googletagmanager.com .opendns.com .hsappstatic.net twitter.com .cloudflare.com .comeet.co .twitter.com .gaug.es .wp.com .hsleadflows.net .gstatic.com .usemessages.com .hs-banner.com .licdn.com .hs-analytics.net .ads-twitter.com .hs-scripts.com .googleadservices.com .hotjar.com .googletagmanager.com .doubleclick.net .addtoany.com .facebook.net .google-analytics.com *.pressablecdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://static.addtoany.com/ Message: [Report Only] Refused to frame 'https://static.addtoany.com/' because it violates the following Content Security Policy directive: "frame-src https://static.hsappstatic.net/ https://js.usemessages.com/ https://.recaptcha.net/ https://www.intezer.com/ https://meetings.hubspot.com/ https://.pressablecdn.com/ https://static.hotjar.com/ https://www.googletagmanager.com/ https://widgets.wp.com/ https://optimize.google.com/ https://syndication.twitter.com/ https://www.comeet.com/ https://www.comeet.co/ https://platform.twitter.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://app.hubspot.com/ https://vars.hotjar.com/ https://www.google.com/".
security	error	URL: https://static.addtoany.com/ Message: Refused to frame 'https://static.addtoany.com/' because it violates the following Content Security Policy directive: "frame-src 'self' .hsappstatic.net .usemessages.com .recaptcha.net .intezer.com .hubspot.com .pressablecdn.com .hotjar.com .googletagmanager.com .wp.com .google.com .twitter.com .comeet.com .comeet.co .doubleclick.net *.youtube.com".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/linux-pop.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/kubernetes-pop.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/containers-pop.jpg' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/aws-pop.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/google-pop.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://149520725.v2.pressablecdn.com/wp-content/uploads/2021/02/azure-pop.png' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://static.hotjar.com/c/hotjar-2053093.js?sv=7(Line 2) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.com/pagead/1p-user-list/842858921/?random=1638986317892&cv=9&fst=1638982800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&fmt=3&is_vtc=1&random=2227363072&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-user-list/842858921/?random=1638986317892&cv=9&fst=1638982800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&fmt=3&is_vtc=1&random=2227363072&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzi1c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dfb108f4-0a2e-4a51-b477-e69eca117425&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzh93&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d2e3b7ff-3cae-417f-8292-8ea6746b354e&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.com/pagead/1p-user-list/725468766/?random=1638986318074&cv=9&fst=1638982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&async=1&fmt=3&is_vtc=1&random=2632901279&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-user-list/725468766/?random=1638986318074&cv=9&fst=1638982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&tiba=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&async=1&fmt=3&is_vtc=1&random=2632901279&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1813315710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&ul=en-us&de=UTF-8&dt=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2008479733&gjid=262269706&cid=676202216.1638986318&tid=UA-97741055-1&_gid=2077288212.1638986318&_r=1&gtm=2wgc10KC95766&z=1505327769' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: [Report Only] Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&gjid=1930711636&_gid=2077288212.1638986318&_u=aGDAgEADQAAAAG~&z=960691983' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google-analytics.com/collect?v=1&_v=j96&a=1813315710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&ul=en-us&de=UTF-8&dt=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAC~&jid=1306896231&gjid=1930711636&cid=676202216.1638986318&tid=UA-97741055-8&_gid=2077288212.1638986318&gtm=2wgc10KC95766&z=858119457' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: [Report Only] Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&gjid=262269706&_gid=2077288212.1638986318&_u=aGDAAEACQAAAAC~&z=1779116835' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&_u=aGDAgEADQAAAAG~&z=1133836563' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-8&cid=676202216.1638986318&jid=1306896231&_u=aGDAgEADQAAAAG~&z=1133836563' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&_u=aGDAAEACQAAAAC~&z=339844580' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97741055-1&cid=676202216.1638986318&jid=2008479733&_u=aGDAAEACQAAAAC~&z=339844580' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://js.usemessages.com/conversations-embed.js Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://js.usemessages.com/conversations-embed.js Message: [Report Only] Refused to connect to 'https://api.hubspot.com/livechat-public/v1/message/public?portalId=5492986&conversations-embed=static-1.9460&mobile=false&messagesUtk=ea2cb6450ffe4f62ad9d6f900bff088d&traceId=ea2cb6450ffe4f62ad9d6f900bff088d' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1327356%26time%3D1638986318071%26url%3Dhttps%253A%252F%252Fwww.intezer.com%252Fblog%252Fmalware-analysis%252Fanalyzing-capabilities-in-PE-and-ELF-files%252F%26liSync%3Dtrue' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js(Line 1) Message: [Report Only] Refused to connect to 'https://in.hotjar.com/api/v2/client/sites/2053093/visit-data?sv=7' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js(Line 1) Message: [Report Only] Refused to connect to 'wss://ws16.hotjar.com/api/v2/client/ws' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js(Line 1) Message: [Report Only] Refused to connect to 'https://ws16.hotjar.com/api/v2/sites/2053093/recordings/content' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://secure.gaug.es/track.gif?h[site_id]=5fd5ade352684d3c97554910&h[resource]=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&h[referrer]=&h[title]=Teaching%20Capa%20New%20Tricks%3A%20Analyzing%20Capabilities%20in%20PE%20and%20ELF%20Files&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1638986318826' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1327356&time=1638986318071&url=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&liSync=true&e_ipv6=AQKEQvrwotKjHAAAAX2bMoX1snK3D9FlXXRwDPhhmgGXaO1WPs9AiVgktgKI2XJLqcVw1OzNzg' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://js.hs-banner.com/5492986.js(Line 11) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'sha256-A36pRlP2FPaVBYPMDmRWdqe3nTLvokMItNMM9+H4iuY=' 'unsafe-inline' 'unsafe-hashes' https://cdn.jsdelivr.net/npm/timepicker@1.13.14/jquery.timepicker.min.css https://translate.googleapis.com/ https://www.comeet.com/ https://static.hsappstatic.net/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://.wp.com/ https://fonts.googleapis.com/ http://fonts.googleapis.com/ https://.pressablecdn.com/ https://www.intezer.com/ http://www.intezer.com/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://www.intezer.com/blog/malware-analysis/analyzing-capabilities-in-PE-and-ELF-files/ Message: [Report Only] Refused to load the image 'https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=5492986&ct=blog-post&rcu=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&pu=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F&t=Teaching+Capa+New+Tricks%3A+Analyzing+Capabilities+in+PE+and+ELF+Files&cts=1638986320146&vi=b73b9e29f54a38658c3d2c667a5fe521&nc=true&u=193884914.b73b9e29f54a38658c3d2c667a5fe521.1638986320141.1638986320141.1638986320141.1&b=193884914.1.1638986320141&pt=0&cc=15' because it violates the following Content Security Policy directive: "img-src 'self'".
security	error	URL: https://js.hsleadflows.net/leadflows.js Message: [Report Only] Refused to connect to 'https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5492986&utk=b73b9e29f54a38658c3d2c667a5fe521&__hstc=193884914.b73b9e29f54a38658c3d2c667a5fe521.1638986320141.1638986320141.1638986320141.1&__hssc=193884914.1.1638986320141&currentUrl=https%3A%2F%2Fwww.intezer.com%2Fblog%2Fmalware-analysis%2Fanalyzing-capabilities-in-PE-and-ELF-files%2F' because it violates the following Content Security Policy directive: "connect-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149520725.v2.pressablecdn.com
analytics.twitter.com
api.hubspot.com
c0.wp.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
gate.rapidsec.net
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.usemessages.com
pixel.wp.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
secure.gaug.es
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
t.co
track.hubspot.com
tracking.g2crowd.com
vars.hotjar.com
ws16.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.intezer.com
www.linkedin.com
gate.rapidsec.net
tracking.g2crowd.com
104.244.42.131
104.244.42.5
108.174.10.14
13.32.22.63
13.32.22.91
142.250.186.98
143.204.209.120
192.0.76.3
192.0.77.37
192.0.77.39
199.16.172.82
199.232.136.157
2606:4700:10::ac43:2794
2606:4700:3033::ac43:d23b
2606:4700::6811:46b0
2606:4700::6811:d6cc
2606:4700::6811:e9cc
2606:4700::6811:eccc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:26f0:6c00::210:ba13
2a03:2880:f01c:8012:face:b00c:0:3
52.215.195.159
54.76.144.107
54.91.60.31
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
0a1af4d6495079c1a02bbd0f55a3d04fcf7835f66495f4ff7824531e1e715ad4
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0aaaf304996998b3e7e16f798ec86708fe2a732ddf2c789027fce8ebff2a2bd2
0c58687b5364ec205f8c31b0f4a3635c2db5fdb252b7e8b3ee904b90b046bd41
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0da3929b414164597d004fc209242e5b82ccbe9c0f18b97631a671890e0d6741
0e84403e2c319f7984d4c4411adb0b373cab26ec5c48f8b086c93493b8f7e9a1
0e99a9244d7c3de897fc25d4e3786edc2eb29556e8c218fa81ff44f4d9641417
128718f78add9d7810ffd6ced5e7825bcec9d13e9d725125640c2746417f72d1
161dab58676b279f43addcbc3f800ac11276f20f15866ba7f7b5c60bc01b065b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0dff01d02a09a4b563a62de4f823250acdd270670f95e3a9d15c3c52be3969
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f9ae0087c0c2abfd7af5d258ba60b0335bfd3e46747242855a921d1566df6bc
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
23d5b4b3e2d52d51c363cb8e0cebfecbcf1293e0bf11e00c17028cba39bab4e5
26ecda488604a2adc238627df58852418598d38a958ee17721372fa9ad322317
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f43834f6edfa66b7a0fdc9d6e2178047a399d6e5e5caec34af8212a65973a9a
3167a1a4cda80b0f7258edfddb30c6030036358d9b424a71ba473eaa54685f89
39eb075e17b2547d61e49f5a2c40154b70d9e089a38e0bf529bc5ce71da55c4b
3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4135b9ba8f2a5dad50910bff31b4fd8d03ba28d90f77d307bf8d394116d00a9f
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
452d513b1ef9c6cb1afbe50a84b02c065daf5f3f459c556fbbbd6daa7fe15bbc
47bf1b370335e9a8260fb598e980fcaad03acd4f50e4c407672cf305d512158d
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d
4f1c2d97c5d6d3a6d9a08fbe3b8e377acc08da746921dad92e17248ca55cb14f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504d394f183d7c0a768d4604a848894965810382dc6d61f6dded6f09c524ab99
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
5145875b215db7c9340d01553694e8877f1d105ad8202b1f5ec1ddf214a6ef8e
534708b43bc02cb8910f2c21a92047c6590f02ff62fee2f2b328fbb3839e7e6b
54b1e91bc171ff3528739e682ca155a38062f852756cc79977d00d335bef7d3f
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
595d21dba2b6fb46b8560f9c5b6472a43fa6977f34a69073c23f5431218a9846
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65a52f6e516f0c632596218b193336646905690934acda722c840c621d7e56d4
65ab45f57a63994e78a6cc0186a9b3a42132e97dfe8b1d29d67b0bec86948a8e
65f5e116b152127853bcceef2864070a979cfac6f9fac3a6a3800709db4d809c
693f66db1753b1be8cb51f2ec0a01b9a95d87ffe568c2301dea6b7df31c948a7
6b558ee3b6b5c5f0f6524a87e94b3670eae8bcb4d56b88aceb8cc85391434dc5
6bebe6bf7abf43624ab1ed62cabc6a1e1d9d5f1cea38042e516439b5391c1621
6e16a7694be76ee0a77cc181a2dc0e014793b78e8ffe840853b63e7d39c41c87
751d5192326ddefce3e87157f7c9355217cdad7b4a969b5dd3161b4453671389
768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79adde0dc23cba461e09967e3ceaa077a56e717d1eb2d4f1273a2e8d0f7ccf7c
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
80a679d6433ed147c4afc109f398daab03894131a4c21e71e35e4a9f86e2988c
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848042aa4c2670894f53b5d21fd6b95c8240b027be7e19e318dcafb601ee06a3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e1d3542f4ea0a232b64a279e38b4cc9d666ae94a91abd25fff1a165194322cb
8f6c37b21f453721dffa0212085879cfe42fb85a334dccff0e0ad2f71fa4835f
9026b5846e1d90ce06c0fc69530a30275a1e4e0161e8a72dac9bc2f647d9d1a3
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
969f9c1b72eaa268385c8f1ddf02b07ef971d0e2d4d83921014531a4b9a75969
97b6a9b3c49911bef82e3f04e51c64b5d796965f830b0e5d5c68402475dc4a90
97cb87565038e71df0d9951c53544ccb188f88ca705463c6101926b68bdef32e
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
993b54391ed7524e6f321326d0f7bd2ed8f92bcf4e08bb1efc988ca16546807c
9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d
9bea4073ca8eb9ea977081e0eaa614b3be5d03b818469694825e7849bbe1cc28
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af2e2283ffc4d9ca0e8be05032a6e2d7fe7daa868ad02fa1f61fc648e08336b8
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb434f0328d6d816d30aa942a808091339df83946b3be1e3ef476873cf83d8f6
bfb6b73b537f16c7f6305f29ab5062da25c8cd88522569bef369b59a9e2d0058
c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4
c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307
c38df4a2300e1acd22e8547908f1c0815e4232522aed59fd2d45942480b56f4c
c40a0cdd5ab5dcc4da78066f70839808bb4ee8fb2f3360dec64fde438770b099
c5b118e1c218db7ad0e0026f4b98d5af367de1f3d5ac16e12d1dc8351be8ef6d
c6c82452d4595c717df8f740c6f9ff4e6ae5bc1bb9f716584b27f457f18a1d04
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e22eaf5ba4db871d099871b16d9c1ae2e657b50d0b94014e168c6156808a280e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e85052e09a7415a2ab775cc198a96dc956d9de42b90541a5cdc9c5c176725745
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8d3af41050b28a394367164271f7468518681ce3c2409fbfea04f8865fffa7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29
ef7d760ee20a28f1e59bdd228bb10705687f5397d3c98d108a7f8c1247b9ad18
efbe1f9113f1707d25db78c96b43862a85f06385fb5b85eb9be2858ccbd52e9a
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5c19e2bb4b5df58d2bdc0ea41b4b9e8fc826bb9fe5ec100a8a8fe0b66f564c0
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fb5846855225c8dc7a717196192b00e2f97038cebe00b787f8b49819e03db5c1
fceeff59afa5feab1b7bba6d098735b5a6a4807fbaf3984a78ea58aa5d85b964
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fed6b941179411f03c10b811a833ed2acb5ca2a9d019cfab84fad586448bd74c
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.intezer.com Open in urlscan Pro 199.16.172.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

349 Requests

56 %HTTPS

57 %IPv6

28 Domains

40 Subdomains

34 IPs

4 Countries

1948 kBTransfer

5652 kBSize

32 Cookies

22 Outgoing links

Page URL History

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.intezer.com Open in urlscan Pro
199.16.172.82 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

56 %
HTTPS

57 %
IPv6

28
Domains

40
Subdomains

34
IPs

4
Countries

1948 kB
Transfer

5652 kB
Size

32
Cookies

349 HTTP transactions
2 data transactions